On December 10, 2021, a critical vulnerability (CVE-2021-44228) was published, affecting a commonly used Java component called log4j.
Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
Lattice's core application is not based on Java. The Lattice engineering and security team have verified that the Lattice application does not use log4j.
Lattice's core application is not based on Java. The Lattice engineering and security team have verified that the Lattice application does not use log4j.
Additionally, Lattice has been monitoring its sub-processors for the impact caused by this vulnerability. There is no indication that this vulnerability has compromised any data.