Hi everybody,

a vulnerability in Apache Log4j has been found. The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell.

According to https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot OpenCelium users are not affected by this vulnerability, because we are using default loggining system instead of Log4j.

But if you would like to update dependencies for Log4j you have to follow to the next instruction:

Open build.gradle file and put

implementation 'org.apache.logging.log4j:log4j-core:2.16.0'

in dependencies.

Just write to our #support team in Slack if you have any further questions.

Your OpenCelium Support

Starten Sie jetzt mit Ihrer Connection!


Ihr direkter Draht zu uns

Sie haben Fragen, Anregungen, Wünsche oder stehen vor einer besonderen Herausforderung? Wir freuen uns, von Ihnen zu hören!