diff --git a/Dockerfile b/Dockerfile
index d1e7278638f..06383167ef3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -70,6 +70,8 @@ COPY --chmod=644 files/log4j2.xml /image/log4j2.xml
 COPY --chmod=644 files/cf-exclude-include.json /image/cf-exclude-include.json
 COPY --chmod=755 files/auto /auto
 
+RUN curl -fsSL -o /image/Log4jPatcher.jar https://github.com/CreeperHost/Log4jPatcher/releases/download/v1.0.1/Log4jPatcher-1.0.1.jar
+
 RUN dos2unix /start* /auto/*
 
 ENTRYPOINT [ "/start" ]
diff --git a/scripts/start-finalExec b/scripts/start-finalExec
index 8aa178805be..c620b11ca2c 100755
--- a/scripts/start-finalExec
+++ b/scripts/start-finalExec
@@ -77,6 +77,16 @@ if ${useFallbackJvmFlag}; then
   JVM_OPTS="-Dlog4j2.formatMsgNoLookups=true ${JVM_OPTS}"
 fi
 
+if versionLessThan 1.7; then
+  : # No patch required here.
+elif versionLessThan 1.18.1; then
+  if isTrue ${SKIP_LOG4J_PATCHER:-false}; then
+    log "Skipping Log4jPatcher, make sure you are not affected"
+  else
+    JVM_OPTS="-javaagent:/image/Log4jPatcher.jar ${JVM_OPTS}"
+  fi
+fi
+
 if isTrue ${ENABLE_ROLLING_LOGS:-false}; then
   if ! ${canUseRollingLogs}; then
     log "ERROR: Using rolling logs is currently not possible in the selected version due to CVE-2021-44228"