Is Apache Log4j 2.12.4 patched?
Summary iPlain-English security status for Apache Log4j 2.12.4, built from its CVEs, active-exploitation data, end-of-life date and latest release.
Apache Log4j 2.12.4 is part of the 2.12 release line. No known vulnerabilities affect it in our data. The 2.12 line reached end-of-life on 2021-12-14, so it no longer receives security patches. The latest supported Apache Log4j release is 2.26.0.
Known issues affecting 2.12.4
None found for this version. ✓
Other Apache Log4j versions
Check another release line of Apache Log4j.
Frequently asked
Is Apache Log4j 2.12.4 patched?
Apache Log4j 2.12.4 is end-of-life and no longer receives security patches. Move to 2.26.0.
When does Apache Log4j 2.12 reach end-of-life?
Apache Log4j 2.12 reached end-of-life on 2021-12-14 and no longer receives security patches.
What is the latest version of Apache Log4j?
The latest supported Apache Log4j release is 2.26.0.
Is Apache Log4j 2.12.4 still receiving security updates?
No — Apache Log4j 2.12.4 is on the 2.12 line, which reached end-of-life on 2021-12-14 and no longer receives security updates. Upgrade to 2.26.0 or later to stay supported.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Apache's official advisory before you patch or upgrade — Apache Log4j official site ↗