Best Answer

  • Ben_PBen_P Posts: 236 Silver 2
    Hi @Ghath

    Thank you for your inquiry regarding Redgate products impacted by the recent CVE-2021-44228 ‘Log4Shell’ vulnerability.

    Thankfully our external Redgate products are not impacted by this vulnerability as they are built upon .NET and are not susceptible. Our Flyway product does utilize Java and our development teams have ensured that it doesn’t ship using log4j / log4shell.

    A small number of our internal systems which had used the vulnerable version were thoroughly checked for any evidence of exploitation before being patched and updated.

    Redgate takes the security and privacy of its clients seriously so if you have further questions we will happily follow them through with our security team.
Sign In or Register to comment.