Welcome to the Linux Foundation Forum!

Fixing Log4J vulnerability in course repo

SCA stage is failing with this error:

One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '8.0':

log4j-api-2.15.0.jar: CVE-2021-45046
logback-core-1.2.6.jar: CVE-2021-42550

How can we fix this log4j vulnerability issue in course code repo(dso-demo)



Upcoming Training