There is no version of apache storm which doesn't use log4j 2.x version (which is affected by CVE-2021-44228 vulnerability). I found this fix on log4j website:y
jooby
v-model
cross-site
outlook.application
ahead-of-time-compile
magento-1.4
bootsnap
react-functional-component
shopifyscripts
imgix
strpos
awesomium
oledb
preloading
monoliths
owlready
wasmtime
google-contacts-api
angular-module-federation
android-device-owner
br-automation-studio
slide
jest-mock-axios
redux-form-validators
authenticationchallenge
ggtimeseries
bartintcolor
groovydsl
goinstall
nestjs-fastify
