ZAPI Version: 2.7.1.27107788 and Log4j Security Vulnerability

Question

Please confirm if ZAPI Version: 2.7.1.27107788 is exposed to the Log4j Security Vulnerability

sanjeevpande · Accepted Answer

Hello&nbsp;jmorales&nbsp;,
&nbsp;
ZAPI plugin is no longer needed with Zephyr Squad. It is bundled within the Zephyr Squad application. You can refer to following guide to refer how API's can be used.&nbsp;https://support.smartbear.com/zephyr-squad-server/docs/api/index.html
&nbsp;
The document also refers a note with the following details:

Note:

Previously, to access Zephyr Squad REST API, you had to install an additional plugin (ZAPI). As of October 2020, the API is available out-of-the-box, and the ZAPI plugin is no longer needed.

&nbsp;
Please let us know if you have additional questions.
&nbsp;
Thank you.
&nbsp;
Best regards,
Sanjeev Pande

sonya_m · Answer

Hi&nbsp;jmorales, please refer to the official up-to-date SmartBear page on the vulnerability handling:&nbsp;https://smartbear.com/security/cve-2021-44228/&nbsp;

jmorales · Answer

Thank you for the information. We have already patched our&nbsp;Zephyr Squad Jira Plugin to address the Log4j security vulnerability. Does&nbsp;Zephyr Squad also include ZAPI ?? The links provided is unclear if ZAPI is bundled with&nbsp;Zephyr Squad.

Forum Discussion

ZAPI Version: 2.7.1.27107788 and Log4j Security Vulnerability

3 Replies

Related Content

log4j vulnerability in older versions

Log4J vulnerability

ReadyAPI-3.3.1 log4j vulnerable?

Log4j Vulnerability - Swagger

log4j security vulnerability

Recent Discussions

Is there a way to mark Steps in test cases as Pass or Fail using Zephyr Scale Server APIs?

Where is the POST stepresult API?

Looking for query guidance when (not!) adding tests to an execution

Need a dashboard widget that shows Test step status's

ZQL queries in cloud no longer support labels or summary?