vy commented on issue #3978: URL: https://github.com/apache/logging-log4j2/issues/3978#issuecomment-3482302133
> **Version:** [2.25.2] @jim-parsons, **you're using a very old version known to contain severe vulnerabilities!** See [the Security page](https://logging.apache.org/security.html#vulnerabilities) for details. Would it be possible for you to upgrade the Log4j to the latest version (i.e., `2.25.2`) and then share the stack trace along with the used Log4j artifacts in the classpath, please? I see that you're using SLF4J as your logging API and Log4j Core as your logging implementation/backend. I urge you to read [the Installation page](https://logging.apache.org/log4j/2.x/manual/installation.html), and follow the instructions there to use a BOM (Bill-of-Materials) and choose the right dependencies. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
