Describe the security issue
Aikido indicates that org.slf4j:slf4j-log4j12 version 1.7.30 lists log4j:log4j:1.2.17 as a dependency.
log4j:log4j:1.2.17 is affected by:
CVE-2022-23305
CVE-2019-17571
CVE-2022-23302
CVE-2022-23307
CVE-2021-4104
CVE-2026-34480
CVE-2026-34478
CVE-2023-26464
CVE-2026-34477
CVE-2026-49844
Vulnerability Location
This is a third party library.
Environment (please complete the following information if it is applicable to the issue)
Every environment. Vulnerable library bundled with software.
Suggested remediation
Update org.slf4j.slf4j-log4j12 to a version greater than 1.7.34.
Additional context
Add any other context about the problem here.
Describe the security issue
Aikido indicates that org.slf4j:slf4j-log4j12 version 1.7.30 lists log4j:log4j:1.2.17 as a dependency.
log4j:log4j:1.2.17 is affected by:
CVE-2022-23305
CVE-2019-17571
CVE-2022-23302
CVE-2022-23307
CVE-2021-4104
CVE-2026-34480
CVE-2026-34478
CVE-2023-26464
CVE-2026-34477
CVE-2026-49844
Vulnerability Location
This is a third party library.
Environment (please complete the following information if it is applicable to the issue)
Every environment. Vulnerable library bundled with software.
Suggested remediation
Update org.slf4j.slf4j-log4j12 to a version greater than 1.7.34.
Additional context
Add any other context about the problem here.