Log4j in Myst
A critical security vulnerability has been identified in the 'Apache Log4j 2' library. This vulnerability is identified as CVE-2021-44228.
Myst is unaffected as we are using log4j1 whereas the vulnerability CVE-2021-44228 impacts log4j2. Therefore, no immediate action to Myst is required by Myst Software customers regarding this issue.
We are currently upgrading Myst to use the latest version of log4j2 to avoid any other issues. Once available, a standard Myst upgrade will suffice.
Further updates will come through our website and the Myst Slack Community.
Log4j in Third Party Tools
For other third party tools generally integrated with Myst (but not managed by Myst Software) here are some helpful links.