engine/java:chore - add CVE-2021-44832 detail to the description of t…

…he HS-JAVA-150 rule (#916) Signed-off-by: Maximillian Arruda <dearrudam@gmail.com> (cherry picked from commit c43d93c)
ZupIT · Jan 11, 2022 · b0e7529 · b0e7529
1 parent 656311d
commit b0e7529
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/internal/services/engines/java/rules.go b/internal/services/engines/java/rules.go
@@ -2569,7 +2569,7 @@ func NewVulnerableRemoteCodeInjectionApacheLog4j() text.TextRule {
 		Metadata: engine.Metadata{
 			ID:          "HS-JAVA-150",
 			Name:        "Remote code injection Apache Log4j",
-			Description: "Log4j versions prior to 2.17.0 are subject to a remote code execution vulnerability via the ldap JNDI parser, uncontrolled recursion from self-referential lookups and some other vulnerabilities. For more information checkout the CVE-2021-44228 (https://nvd.nist.gov/vuln/detail/CVE-2021-44228), CVE-2021-45046 (https://nvd.nist.gov/vuln/detail/CVE-2021-45046) and CVE-2021-45105 (https://nvd.nist.gov/vuln/detail/CVE-2021-45105) advisories.",
+			Description: "Log4j versions prior to 2.17.1 are subject to a remote code execution vulnerability via the ldap JNDI parser, uncontrolled recursion from self-referential lookups and some other vulnerabilities. For more information checkout the CVE-2021-44228 (https://nvd.nist.gov/vuln/detail/CVE-2021-44228), CVE-2021-45046 (https://nvd.nist.gov/vuln/detail/CVE-2021-45046), CVE-2021-45105 (https://nvd.nist.gov/vuln/detail/CVE-2021-45105) and CVE-2021-44832 (https://nvd.nist.gov/vuln/detail/CVE-2021-44832) advisories.",
 			Severity:    severities.Critical.ToString(),
 			Confidence:  confidence.Medium.ToString(),
 		},