jageall
commented
2 years ago thanks @YoEight , closing this but it should answer any questions people have about it
Closed YoEight closed 2 years ago
jageall
commented
2 years ago thanks @YoEight , closing this but it should answer any questions people have about it
We run Grype on both the source code and the latest Jar and the result is the Java gPRC client is not exposed to Log4Shell. We also doubled-checked that we don't even have a dependency to
log4j, even transitively.