Sign up
Has the log4j vulnerability been fixed in Badlion?
As I'm sure most people know by now, a 0-day exploit was recently discovered in log4j, which Minecraft uses, allowing remote code execution if an attacker is able to cause a certain string to be logged (which is as simple as a player sending a chat message on a server).

Vanilla minecraft just pushed patches to all versions fixing the vulnerability, and lunar announced that they've ensured it doesn't affect them.

Can we get confirmation from Badlion that this issue has been fixed?

I don't know exactly how the patching process works, but simply ensuring that you are getting the latest upstream should fix the issue.

PM Link
Hey @repeater64,

Badlion has officially patched this exploit, so you are safe to play!
PM Link
Awesome, thanks for the response.
PM Link
No problem, glad to help! :)
PM Link
Thread is locked