We want to share the actions we’ve taken in response to the publication of the Log4j remote code execution vulnerabilities CVE-2021-44228 and CVE-2021-45046.

Once Vivun was made aware of the vulnerabilities, our Security team partnered with Engineering to review our code base and verify that the vulnerable packages were not in use within it. Both Hero and Eval by Vivun^Ⓡ are unaffected by CVE-2021-44228 and CVE-2021-45046. 

Learn more about Vivun’s commitment to security here.