log4j

I am contacting you seeking urgent confirmation of the status of Scripting suite regarding the following vulnerabilities

• Apache Log4j 2 vulnerability (CVE-2021-44228) which the NCSC are recommending urgent and immediate remediation.
• Apache Log4j 2 vulnerability (CVE-2021-45105) requires remediation
• Apache Log4j 2 vulnerability (CVE-2021-45046) requires remediation
• Apache Log4j1 JMS Appender vulnerability (CVE-2021-4104) requires remediation

‌

If your product(s) is vulnerable to any of the CVE’S above can you confirm and provide a mitigation for your product for each CVE where it is appropriate

Regards

Mike Yoa