upgrade Apache Log4j Core to 2.25.3

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Security
    • None
    • 24
    • 6

      Summary:

      Confluence is currently using a version of Apache Log4J Less than 2.25.3. As a result, many automated security scanners are triggering for CVE-2025-68161

      Suggestion

      Please update the version of Apache Log4J used by Confluence to version 2.25.3 or newer

              Assignee:
              Unassigned
              Reporter:
              Lou Paglaiccetti
              Votes:
              11 Vote for this issue
              Watchers:
              15 Start watching this issue

                Created:
                Updated: