Last week a serious vulnerability, CVE-2021-44228, was disclosed in the Java-based logging package Log4j. We've performed an audit on our internal software and infrastructure, and we have no instances of Log4j in use directly. We use a number of services from AWS and other cloud vendors and are actively patching and monitoring them.
If you have any further questions please contact us.
