Hi everybody,

a vulnerability in Apache Log4j has been found. The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell.

According to
https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
OpenCelium users are not affected by this vulnerability, because we are using default loggining system instead of Log4j.

But if you would like to update dependencies for Log4j you have to follow to the next instruction:

Open build.gradle file and put

implementation 'org.apache.logging.log4j:log4j-core:2.16.0'

in dependencies.

Just write to our
#support
team in Slack if you have any further questions.

Your OpenCelium Support

start now with your
connection!

We look forward to hearing from you. We will be happy to answer any questions you may have!