Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"

Yingjie Li

Hello All, 

I have run janusgraph all in one 0.6.1 (janusgraph-full-0.6.1) and have embeded cassandra  and elastic search. It seems that the embeded log4j has security issues and the recomended fixes as as below. Any people have done this for their installation, what are the recommended fix ?


1.      Upgrade the affected product listed below to a version which includes a patched version of log4j – CISO requires all version 1.x and 2.x to be upgraded to version 2.17.1 or later. 
2.      If upgrade is not possible, the affected component must be uninstalled or deleted.

Join janusgraph-users@lists.lfaidata.foundation to automatically receive all group messages.