Hi,
First off - happy holiday season.
Apologies, I realize this has been open for a few months now, however - the CVE information for:
Was just updated to indicate that all non-bata versions of SLF4j are vulnerable; so I am only now receiving notification from our security scanning system.
The defect above has been stuck in unresolved state for a while now. What is the status of the patch? Given the widespread usage of SLF4J some form of remediation is urgently needed.
Is there anything I can do to help resolve this defect more quickly?
Kind regards,
Mike