Does anyone know if log4j vulnerability affect Xcode 12.5?
log4j vulnerability with Xcode 12.5?
See my answer here: https://developer.apple.com/forums//thread/696785
See 13.2.1 release notes:
Xcode contains a copy of the log4j library that has the CVE-2021-44228 security vulnerability. Xcode automatically downloads an updated version of this library and installs it into ~/Library/Caches/com.apple.amp.itmstransporter. When submitting apps to the App Store, Xcode uses the updated version of the library. (86390060)
So, 13.2.1 handles this at the time you upload code.