This page is from our blog archive
It's still useful, but it's worth searching for up-to-date information in one of our more recent blog posts.
You may have read about the recently-discovered Apache Log4j vulnerability ‘CVE2021-44228’.
We’re happy to reassure our customers and partners that none of our products are directly affected by this issue.
All of our products (KeyLines, ReGraph and KronoGraph) are delivered to customers as standalone downloads. All required dependencies are included in the software packages. None of them use Log4j.
However, other components in your application may have Log4j dependencies, so we recommend you check those separately.
If you have any further queries, please refer to the security documentation found on each product SDK site, or feel free to contact your account manager.