Official Statement about the Log4j Vulnerability

Author avatar
by Debricked Editorial Team
2021-12-21
1 min
Official Statement about the Log4j Vulnerability

Updated at 221221

Debricked has completed a comprehensive analysis (using our own service of course!) of our service including the web application, API’s and website, and has reasonably established that we are not impacted by the Apache Log4j vulnerabilities identified as CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105.

Debricked doesn’t use Java in the codebase for the platform itself; we do run two isolated processes that use Java, but neither of these include Log4j as a dependency, so we are not affected by these CVEs (nor any new ones that may arise for the Log4j package).

Debricked is continuously monitoring the situation and will publish further updates as this situation unfolds. If you have any questions or concerns please do not hesitate to reach out to us at security@debricked.com.