Last week security researchers found a highly severe vulnerability – known as Log4Shell – from a software component called Apache Log4j. The component is widely used and this vulnerability has already been actively exploited. It has already been rated as one of the worst security flaws ever and it has gained a lot of publicity.
We investigated the vulnerability and our servers and applications. Based on our research our systems are not exposed to the Log4shell vulnerability. It’s mainly related to Java based server applications which we are not using. Software like WordPress or WooCommerce are not affected. Server applications we use like NGINX, PHP-FPM and MariaDB are not affected either.
We will keep actively monitoring the situation and keeping contact with our vendors to ensure safety.
There is a list of all known vulnerable and not vulnerable software.