Kindly help to check and assess if Dollar Universe is impacted with below mentioned Log4j CVE's
CVE-2020-9488 is a moderate severity issue with the SMTPAppender. Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender.
Release : 6.x
Component :Dollar Universe
The current vulnerability holds a severity rating low https://nvd.nist.gov/vuln/detail/CVE-2020-9488 and is not reflected in our security scan as it is related to SMTP appender and it is not used in Dollar Universe Product, henceforth $U is not impacted by the vulnerability.