Lately, we have received many requests about a dangerous bug in the Log4j library, and we hasten to reassure you:
none of DBeaver products use log4j for any program needs. It is entirely safe to use the latest DBeaver versions.
A few days ago, it became known about a dangerous Log4Shell vulnerability in the Log4j logging tool, which is distributed in the form of a library along with the Apache Logging Project.
The issue with log4j is applicable for server applications that receive HTTP requests, not for desktop applications such as DBeaver.
You can find more information about the vulnerability here.
Please, feel free to contact our support team if you have additional questions at https://github.com/dbeaver/dbeaver/issues .