--
You received this message because you are subscribed to the Google Groups "Drools Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to drools-developm...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/drools-development/efbfdc9a-6d07-4d33-be3a-472f216063a9n%40googlegroups.com.
java -jar logpresso-log4j2-scan-1.2.2.jar /Users/shreyash/drools/
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/add-ons-distribution/target/migration-tool/kie-wb-common-cli-migration-tool-7.35.0-SNAPSHOT/lib/log4j-core-2.11.1.jar, log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-webapp/target/business-central-webapp/WEB-INF/lib/log4j-core-2.11.1.jar, log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-webapp/target/business-central-webapp-thorntail.jar (m2repo/org/apache/logging/log4j/log4j-core/2.11.1/log4j-core-2.11.1.jar), log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-webapp/target/business-central-webapp.war (WEB-INF/lib/log4j-core-2.11.1.jar), log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-distribution-wars/business-central/target/business-central-7.35.0-SNAPSHOT-wildfly14/WEB-INF/lib/log4j-core-2.11.1.jar, log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-distribution-wars/business-central/target/business-central-7.35.0-SNAPSHOT-wildfly14.war (WEB-INF/lib/log4j-core-2.11.1.jar), log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-distribution-wars/business-central/target/business-central-7.35.0-SNAPSHOT-wildfly-deployable/wildfly-14.0.1.Final/standalone/deployments/business-central.war/WEB-INF/lib/log4j-core-2.11.1.jar, log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-distribution-wars/business-monitoring/target/business-monitoring-7.35.0-SNAPSHOT-wildfly14/WEB-INF/lib/log4j-core-2.11.1.jar, log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-distribution-wars/business-monitoring/target/business-monitoring-7.35.0-SNAPSHOT-wildfly-deployable/wildfly-14.0.1.Final/standalone/deployments/business-central.war/WEB-INF/lib/log4j-core-2.11.1.jar, log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-central-distribution-wars/business-monitoring/target/business-monitoring-7.35.0-SNAPSHOT-wildfly14.war (WEB-INF/lib/log4j-core-2.11.1.jar), log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-monitoring-webapp/target/business-monitoring-webapp.war (WEB-INF/lib/log4j-core-2.11.1.jar), log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-monitoring-webapp/target/business-monitoring-webapp-thorntail.jar (m2repo/org/apache/logging/log4j/log4j-core/2.11.1/log4j-core-2.11.1.jar), log4j 2.11.1
[*] Found CVE-2021-44228 vulnerability in /Users/shreyash/drools/kie-wb-distributions/business-central-parent/business-monitoring-webapp/target/business-monitoring-webapp/WEB-INF/lib/log4j-core-2.11.1.jar, log4j 2.11.1
Scanned 15746 directories and 65246 files
Found 13 vulnerable files
Completed in 46.11 seconds
What do you suggest I should do here? I am using version 7.35 for both business-central as well as kie-server.
To view this discussion on the web visit https://groups.google.com/d/msgid/drools-development/560ddbad-cb5b-484e-a8ed-0f3acacd1a40n%40googlegroups.com.