...
Info |
---|
Update 13/12 2021: While the issue is mitigated in Apache Log4J2 version 2.15.0 by disabling the feature by default that does not remove the vulnerability itself. Update 14/12 2021: |
How Ceptor can help
Ceptor fortunately does not use Log4J2, but instead SLF4J/Logback, (and Log4J v1.x if configured to do so) so it is not affected.
...