Everyone is asking us if GIMP is vulnerable to the recent log4j vulnerabilities (also dubbed “log4shell” in the media, in particular regarding to the CVE-2021-44228 zero-day vulnerability).

As an official statement: no, GIMP is not vulnerable to log4shell!

We do not use log4j and there is not even any Java code in GIMP. So enjoy GIMP and feel safe while creating more wonderful artworks 🖼!

📷 Happy GIMPing! 🖌