diff --git a/backend/build.gradle b/backend/build.gradle
index c719c2af9..f41778d28 100644
--- a/backend/build.gradle
+++ b/backend/build.gradle
@@ -138,6 +138,10 @@ dependencies {
     ['starter-web', 'starter-data-jpa', 'starter-security', 'starter-actuator', 'devtools', 'starter-webflux', 'starter-thymeleaf', 'starter-mail', 'starter-validation'].each {
         compile "org.springframework.boot:spring-boot-${it}"
     }
+    // To override older version with security issue - https://www.lunasec.io/docs/blog/log4j-zero-day/
+    implementation 'org.apache.logging.log4j:log4j-to-slf4j:2.15.0'
+    implementation 'org.apache.logging.log4j:log4j-api:2.15.0'
+
     // TODO: figure out what this should really be
     runtimeOnly 'org.springframework.boot:spring-boot-starter-tomcat'