SLF4J / SLF4J-494 [Open] slf4j introduces the log4j version of 1.2.17. There is a security vulnerability. The security vulnerability CVE numbers are CVE-2019-17571 and CVE-2020-9488. Please fix it. ============================== Here's what changed in this issue in the last few minutes. There is 1 comment. View or comment on issue using this link https://jira.qos.ch/browse/SLF4J-494 ============================== 1 comment ------------------------------ Rade Martinović on 02/Dec/20 10:53 AM log4j:log4j:1.2.17 is the latest version released in 2012. I guess log4j 1 should be deprecated in favor of log4j 2. I hope no one is using log4j 1 anymore. ============================== This message was sent by Atlassian Jira (v8.8.0#808000-sha1:e2c7e59)