upgrade Apache Log4j Core to 2.25.4

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Security
    • None
    • 2
    • 4

      Summary:

      Confluence is currently using a version of Apache Log4J Less than 2.25.4. As a result, many automated security scanners are triggering for CVE-2026-34477, CVE-2026-34478, CVE-2026-34479, CVE-2026-34480, CVE-2026-34481

      Suggestion

      Please update the version of Apache Log4J used by Confluence to version 2.25.4 or newer

              Assignee:
              Unassigned
              Reporter:
              Lou Paglaiccetti
              Votes:
              6 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: