JEditor 3.23.1 release notes

Security

[Security] Fixed transitive security vulnerabilities caused by log4j v1.2.17 that impacted JEditor 3.23.0. List of fixed vulnerabilities:

  • CVE-2019-17571
  • CVE-2021-4104
  • CVE-2022-23302
  • CVE-2022-23305
  • CVE-2022-23307

Security advisory for the vulnerabilities: https://jeditor.zendesk.com/hc/en-us/articles/31057331879949-JEditor-Security-Advisory-CVE-2019-17571-CVE-2021-4104-CVE-2022-23302-CVE-2022-23305-CVE-2022-23307-vulnerabilities-in-log4j-v1-2-17-library-in-JEditor-3-23-0.

Please note:
JEditor versions prior to 3.23.0 are not impacted by these vulnerabilities. Upgrading to version 3.23.1 excludes log4j v1.2.17 from transitive dependencies and permanently resolves the issue. No further actions are necessary.

Alex Bobrovskikh -
Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk