This is a security hotspot requesting review – not a vulnerability that SonarQUbe is “complaining about”.

With hotspots, we try to give some freedom to users and educate them on how to choose the most relevant/appropriate protections depending on the context (for example, budgets and threats).

So if you’re sure the logging configuraiton is safe, you can mark the hotspot as Safe.

by https://community.sonarsource.com/t/securing-logger-configuration/103501/3