Closed roycewilliams closed 2 years ago
Its fixed in the current master branch. Older versions were vulnerable but the risk is pretty low, given that you usually scan your own systems and its usually not a service running somewhere on the internet. I couldn't deploy it to maven central yet since the servers are overloaded, probably next week.
Best I could ask for - thanks very much!
Checking on log4j 2 status for this project.