The hotfixes for log4j vulnerability issue are now available here:
The KB Article has also been updated with this link.
HiThe vulnerability is known to be present in 2.0 <= Apache log4j <= 2.15.0.
I find traces of log4J also in other folders than mentioned in the KB
What about these:
1-3 are probably related to the cabi install prosess. Can the folders be removed after installation?As a quick step I have removed the JNDILookUp.class where found.What's the official response?