The log4j vulnerability is dangerous in multiplayer when playing on unpatched versions of Minecraft. Merely testing your mod while using an unpatched version of Minecraft doesn't put your computer at high risk because you aren't running in Multiplayer.

However, if you want to take the extra step to ensure your Minecraft is vulnerability free, you can add the following line to the VM arguments when running your client:

-Dlog4j2.formatMsgNoLookups=true

You can access the VM arguments by clicking the tiny black arrow next to the run button. Then click run configurations. You will see a handful of run configs under "Java Application". Pick one of them that says: "client"

Go to arguments and add the line in the VM arguments field.

You can do this for every run configuration or just the one you are using.

Did this answer your question?