Closed YoEight closed 2 years ago
We run Grype on both the source code and the latest Jar and the result is the Java gPRC client is not exposed to Log4Shell. We also doubled-checked that we don't even have a dependency to log4j, even transitively.
log4j
thanks @YoEight , closing this but it should answer any questions people have about it
We run Grype on both the source code and the latest Jar and the result is the Java gPRC client is not exposed to Log4Shell. We also doubled-checked that we don't even have a dependency to
log4j
, even transitively.