Solved
SoapUI 5.5.0 Log4j vulnerability
Hi, We are running Soap 5.5.0 ( currently not sure if this just a free version or a paid version) with log4j-1.2.14.jar can you tell me if a update is going to be released that resolves the Log4...
Forum Discussion
sonya_m
Alumni
AlumniHi stevelsmith ! Our development team is aware of this issue and we're currently working on fixing it. Very soon we will deliver a hot fix release. Please see this pull request https://github.com/SmartBear/soapui/tree/release-5.6.1 for more details.
Hi There, I'm after the same issue and our organization also have version SoapUI 5.5.0. So do you recommend to download the 5.6.1 version you've mentioned to get the vulnerability issue fixed? or Do we need to wait for you to release a version which fixed the Log4j vulnerability?
Hi,
I believe that we have to wait as the jar released by Apache is for apache servers so if you were to copy the file into the Soapui application it would not pick it up. We have renamed the jar file to stop the application working at the moment.
Steve
