I am using wildfly-11.0.0-final. I can see the log4j-jboss-logmanager jar has a log4j 1.2.16 dependency. Will it be affected? How to mitigate this?
Asked
Active
Viewed 226 times
1 Answers
2
If you are not using the JMSAppender you shouldn't be exposed if I understand https://www.wildfly.org/news/2021/12/13/Log4j-CVEs/ correctly.
ehsavoie
- 3,126
- 1
- 16
- 14