Hi team,
we have recently updated flowable version from 6.50. to 6.7.0.
While scanning our application we have found few of dependent jar’s are raising alarm.
Below are the dependency
- CVE-2021-45105+log4j-api-2.13.3.jar
- CVE-2021-45105+log4j-to-slf4j-2.13.3.jar
We can fix this by updating jar version.
Please suggest how to update dependency.
Thanks.