I already replied to Oleg: log4j2.formatMsgNoLookups=true
In system.properties Regards JB > Le 12 déc. 2021 à 19:05, Paul Spencer <paulspen...@mindspring.com> a écrit : > > For users of Karaf 4.2.x, what is the recommended mitigation for "Apache > Log4j Remote Code Execution Vulnerability", CVE-2021-44228? > > Paul Spencer >