#2298 jars impacted by Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)

[Vikram]

Hi Team,

We are using following jar provided by you :

javassist-3.8.0.GA 3.8.0
javassist-3.12.1.GA 3.12.1
We want to ensure and know if it is impacted by “Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)”. If it’s impacted please let us know about the security recommendation. To know we are looking for following answer

Are you using log4J?
If you are using log4j 1.x version, are you using JMSAppender class
if you are using log4j 2.x are , what is your security recommendation to fix the issue.
Thanks,
Vikram Somawar