As the vulnerability has been identified in usage of log4j, we have excluded from service but at the time of the deployment through Jenkins same jar getting downloaded every time.
Is there any way we can prevent Jenkins to download that specific jar. or any other configuration needs to be done for same.
thanks in advance.
Jenkins is not using log4j. We have lots of details on Apache Log4j 2 vulnerability CVE-2021-44228
If your asking about your code then that’s more of a maven/gradle/etc question not a Jenkins question.