Log4j/Log4Shell CVE-2021-44228

[mclever]

"C:\Program Files (x86)\Arduino\lib\log4j-core-2.12.0.jar" shows up as potentially vulnerable file for Log4j/Log4Shell CVE-2021-44228

[per1234]

Thanks for your report @mclever. This has already been resolved by #11717 and #11723

Please see this page for all the related information from Arduino:

https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228

I'm going to leave this issue open for a little while in order to make the information more visible.