Hi,
I am curious as there is no thread or statement yet concerning the latest log4j vulnerabilities.
Is duplicacy (cli and ui) or any used third party component using log4j?
If yes: when there will be an update to the latest version 2.17?
If no: thanks for the info 
Zhanks
No, we donβt use log4j in the cli, web gui, or this website.
Duplicacy is written in go. It canβt be affected by some java library vulnerability, and there is no reason to make any statements about some unrelated third party library.
What is β2.17β? This does not look like any recent duplicacy version.
The current version of Duplicacy CLI is 2.7.2 and WebUI β 1.5.0 (or 1.5.1 depending on how you look at it).