B4J Question LOG4J problem - are we interested in it too?

Even if.
Just check your library folder and DELETE any OLD log4j Versions and make sure to only have a Version 2.15.0+ installed. Any older Versions should be replaced.

So scary, the moment I clicked the link, my laptop goes blank.
Actually, my laptop is lack of RAM.

If I am not mistaken, this library is used in .NET framework or Newtonsoft JSON library.

Edit: I think I confused with the Crystal Reports dependencies log4net.

DonManfred said:

Even if.
Just check your library folder and DELETE any OLD log4j Versions and make sure to only have a Version 2.15.0+ installed. Any older Versions should be replaced.

Click to expand...

Is not very simple
-Arduino
-Microchip MpLab
-Stm Atollic Studio
- MqttFx
-Stm CubeIDE
-Android Studio
-iMyFone iTranstor
-Penthao
-Jaybird
-Sequoia Erp
........

...only on the first pc scanned
Brrrrrrr, I'm starting to worry

Searching for log4j in my whole HDD I found below
They are in Netbeans which is used by my son for school project (they teach Java on Netbeans)

With reference from https://logging.apache.org/log4j/2.x/ , these seems to be very old to be affected.

Good explanation of Log4J vulnerability.

"The patch (2.15.+) released to close the Java Library vulnerability Log4J also introduces two serious vulnerabilities. The never ending story..."

Dec 15 2021: Administrators who were already scrambling to patch up the Log4Shell flaw are now being advised to update to Log4j version 2.16.0 following the discovery of issues in 2.15.0.​

Dec 18 2021: Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability: The Apache Software Foundation published a new Log4j patch late on Friday after discovering issues with 2.16.0​

I am trying to fix log4j vulnerability for my applications which were old and using 2.2/2.5 version of Log4j. But still running on JDK 1.8. The advised version to avoid log4j issue is to go for Log4j 2.17.1/Log4j 2.17.2 but when I try that it is passing in the build but failing in deployment to Oracle Weblogic server with generic message stating below error message:

<Error> <Deployer> < <bb_ms_1> <[STANDBY] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <28744a88-9cc0-436c-977c-a54240e13a00-00000004> <1650993633947> <BEA-149205> <Failed to initialize the application "BBADMINUIAPP" due to error weblogic.application.ModuleException
weblogic.application.ModuleException
at weblogic.ejb.container.deployer.EjbModuleExtensionFactory.create(EjbModuleExtensionFactory.java:26)
at weblogic.application.internal.ExtensibleModuleWrapper.createModuleExtensions(ExtensibleModuleWrapper.java:264)
at weblogic.application.internal.ExtensibleModuleWrapper.initDrivenObjectArray(ExtensibleModuleWrapper.java:232)
at weblogic.application.internal.ExtensibleModuleWrapper.prepare(ExtensibleModuleWrapper.java:107)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:100)
at weblogic.application.internal.flow.ModuleStateDriver$1.next(ModuleStateDriver.java:175)
at weblogic.application.internal.flow.ModuleStateDriver$1.next(ModuleStateDriver.java:170)
at weblogic.application.utils.StateMachineDriver$ParallelChange.run(StateMachineDriver.java:80)
at weblogic.work.ContextWrap.run(ContextWrap.java:40)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:553)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:311)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:263)
>

Deployment is successful when I try to use 2.2/2.5 version of Lo4j.
Is there any compatibility issue in this leap jump from 2.2 to 2.17.2? Any inputs suggestions or help would be much appreciated.