i don't know if this belongs here, but it's worth a try:
we use the ready-api-soapui-testrunner:3.20.0 from hub.docker.com.
During our security scans (trivy v0.22.0) we discovered that the image contains a critical error. The CVE-2019-17571 concerns log4j 1.12.7.
Are there any plans to fix it?
Solved! Go to Solution.
Hello, unfortunately our license vendor users log4J 1.12.7 which is why you are seeing the message. We have updated log4j in ReadyAPI but still working with our license vendor to update log4j on their end. Let me know if you have further concerns or questions and I will keep you posted.
Ready API Product Owner