If any critical security issues arise, we may provide comment about the impact to Redox below. The announcements are sorted by date, with the most recent announcement at the top of this page.
December 14, 2021
With regards to the recently-disclosed "Log4Shell" vulnerability in the Apache Log4j project (CVE-2021-44228): Redox has been reviewing our environment to identify any hosts, services, or third party components that had the potential to be vulnerable.
In summary, Redox has not been impacted by the Log4j vulnerability.
Redox’s security team will continue to monitor our environment to help ensure the CVE-2021-44228 vulnerability is fully addressed and does not impact our customers’ data.