Log4J version in apm-agent

Hi!

We are using apm-agent library (apm-agent-attach) in a java application, and we've seen lastest version of apm-agent (1.52.1) comes with log4j 2.12.4, which has some vulnerabilities.

Are there any plans to launch a new version of apm-agent with a newest version of log4j, or even with logback instead of it? Or any alternatives to avoid having a vulnerable version of log4j...

Many thanks!

1 post - 1 participant

Read full topic

Backend Development

Git

CMD

Linux-Ubontu

AWS

Azure

Database

Data

AI and Machine Learning

Network-Server

Quantum Computing

Software Development

Game Development

CRM

DevOps

Blockchain

Multimedia

Hardware

Security

Shopify

Microsoft Services

Google Services

Apple Services

Adobe Services

JS Frameworks

Log4J version in apm-agent