CVE-2021-44228 Log4J impact on HashiCorp Products
Recommendation
CVE-2021-44228 relates to a vulnerability in Log4j, a Java logging framework. Generally, HashiCorp products and services are built using the Go language and ecosystem, and do not utilize Java or specifically Log4j. Investigation continues, but HashiCorp has no known product / service exposure to this vulnerability at this point in time.
More information available from our HC security team here