A [CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) has been reported on the popular logging implementation log4j.
As the PostgreSQL JDBC driver does not include this as a dependency we have determined that there is no need for concern. The driver is not vulnerable to this CVE. Regards, Dave Cramer pgjdbc team
