Recently, a new zero day vulnerability (Log4j) was uncovered in the wild. This vulnerability allows attackers to inject arbitrary code in the Java library Apache Log4j for versions 2.0-2.14.1.
Due to the ability for Remote Code Execution to be exploited, this vulnerability is considered critical. Immediate patching or mitigation is recommended.
After comprehensive review, Dozuki can confirm that our application is not impacted by the Log4j vulnerability. No Dozuki instance, including OnPrem or Private Cloud is affected.
For additional details on our infrastructure, please reference our security overview.