Official statement about the Log4j Vulnerability

Updated at 221221

Debricked has completed a comprehensive analysis (using our own service of course!) of our service including the web application, API’s and website, and has reasonably established that we are not impacted by the Apache Log4j vulnerabilities identified as CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105.

Debricked doesn’t use Java in the codebase for the platform itself; we do run two isolated processes that use Java, but neither of these include Log4j as a dependency, so we are not affected by these CVEs (nor any new ones that may arise for the Log4j package).

Debricked is continuously monitoring the situation and will publish further updates as this situation unfolds. If you have any questions or concerns please do not hesitate to reach out to us at security@debricked.com.

Want to stay up to date with our latest news and products?

Share on linkedin
Share on twitter
Share on facebook
Share on google

Leave a comment

Your email address will not be published. Required fields are marked *