Page History
More about the issue https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
...
- if found: log4j-core-2.11.2.jar
- then remove log4j-core-2.11.2.jar
- copy log4j-core-2.15.0.jar over to log4j-core-2.11.2.jar
- repeat for any other log4j 2.x file found.
Detailed See detailed procedure to mitigate the risk concerning the CVE-2021-44228 vulnerability. log4J_procedure.pdf
Option 2
If you cannot upgrade log4j, you may add
...