Vulnerable Log4j issue Fix

Hi,
We are currently using camunda engine of version 7.14. We need to fix the vulnerable log4j issue. so we are trying to upgrade the engine version as 7.14.15 which is the fixed version of log4j but we were not able to download that particular version. Please advise on the above.

Hi @Asvitha,

the download is here: Enterprise Download | docs.camunda.org

You can access the binaries with your enterprise customer credentials.

Hope this helps, Ingo

Hi @Ingo_Richtsmeier ,
Thanks for the quick response.
we are using community edition…is there any package for community edition to fix this vulnerability.

Hi @Asvitha,

have a look at this thread: Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - #7 by tasso94

Hope this helps, Ingo