@Shashi_Mulugu We're seeing the same issue.  Sending a large GET request in Postman to the publish server works, but sending the same request to the author server fails with a 502.

Both these plugins were downloading the old log4j jars:filevault-package-maven-plugincontent-package-maven-plugin The solution was to add the following dependency exclusion to both plugins:  <dependency> <groupId>org.apache.xbean</groupId> <artifactId>xbean-reflect</artifactId> <version>3.4</vers...

Running with the -X option shows that it's coming from Adobe Content Package Maven Pluginwhich hasn't been updated since 2020. DEBUG] com.day.jcr.vault:content-package-maven-plugin:jar:1.0.2 [DEBUG] org.apache.maven:maven-core:jar:3.2.5:compile [DEBUG] org.apache.maven:maven-settings:jar:3....

When running a maven build for a local installation of AEM, the very first thing it does is to reach out to the maven central repo and download an old version of log4j that has known vulnerabilities: INFO] Scanning for projects...Downloading from central: https://repo.maven.apache.org/maven2/log4j/l...