|
|
|
|
|
|
by shartte
1651 days ago
|
|
|
You can disregard a combination of log4j-api+log4j-over-slf4j (as is used by default by Spring Boot) since the actual vulnerability is not in the Log4j2 API, but rather in the actual logging implementation. So forwarding of the Log4j2 API via slf4j to logback is unaffected. |
|
|