Update on Log4Shell Vulnerability (CVE-2021-44228)

Welcome to the MongoDB Community Forums @Addisalem_Shiferaw !

As far as I’m aware, the MongoDB Java driver has not used log4j as a dependency.

The 3.4.3 Java driver (released in July 2017) has an optional logging dependency on SLF4J API 1.7.6:

If your application is using Java you should audit any potential usage of log4j, but this dependency should not be introduced by the MongoDB Java driver.

Regards,
Stennie