Open sharon-tickell opened 1 year ago
The log4J dependencies in this library were to versions older than v2.17.0, which means that they still have the critical log4shell vulnerability. This PR updates both to v2.21.1, which is the current stable and supported version of log4j.
The log4J dependencies in this library were to versions older than v2.17.0, which means that they still have the critical log4shell vulnerability. This PR updates both to v2.21.1, which is the current stable and supported version of log4j.