Hi, Hadoop uses log4j1 even in latest versions. I am concerned about the log4j1 vulnerabilities related to network listening.
Wanted to know the risk for keep using log4j1 in Hadoop. Does it uses those log4j network classes? If no, can we completely remove it? If yes, how can we lessen the risk? Does creating a secure Kerberos network prevents those vulnerabilities ? Can anyone guide me? Thanks, Pulkit
