-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Log4j < 2.16 #30
Comments
@tpwl21 not sure, it seems log4j is part of JMeter core.. +--- org.apache.jmeter:ApacheJMeter_core:5.4.1 BR, |
Thanks for your answer Mike, It Looks like Jmeter 5.4.2 has been released and integrate the version log4j 2.16. BR, |
Thanks @tpwl21 , Will push a new release soon with updated things.. BR, |
@tpwl21 please take the latest release. BR, |
Thanks a lot Mike for this new release. All the best, |
Welcome please do not forget to use the latest JMeter :) BR, |
The plugin use the library log4j version 2.13.
As everybody knows this version is vulnerable (RCE). Even if it's not critical, it triggers security scans.
Possible to build a new version of the listenner using log4j 2.16 ?
The text was updated successfully, but these errors were encountered: