Due to the critical vulnerability CVE-2021-44228 in the Apache Log4j library, I would like to ask if
any version of Log4j is used in any of Java Aspose libraries and if so, are these Aspose libraries vulnerable to the exploit? Specifically Aspose cells, gridweb, html, words, and pdf.
No, Log4j library is not used in your mentioned Aspose (Java) APIs. There is no such vulnerabilities in Aspose for Java libraries, these APIs do not have any built-in logging for it. Your mentioned Aspose libraries are not impacted by Log4j vulnerability CVE-2021-44228.
PS. We also recommend to use latest versions of the Aspose for Java libraries.