Minor Description
Log4j 2 version 2.17.0 addresses a potential vulnerability in non-standard logging configurations using Thread Context Map lookup capabilities, described in CVE-2021-45105.
Although NiFi does not use Log4j 2 for runtime logging, upgrading to version 2.17.0 avoids potential references to older versions in external components.
Attachments
Issue Links
- links to