Ariadne Software is pleased to advise our customers that the CoolSpools application is not impacted by an Apache log4j vulnerability identified in December 2021 as CVE-2021-44228, and that no software updates are required to your CoolSpools application as a result of this vulnerability.

CVE-2021-44228 is a critical software vulnerability that affects certain versions of the Java logging library Log4j, and is a major concern to organisations worldwide, with many companies embarking on a wholesale review of their software to ensure that they are not susceptible to attack.

The CoolSpools product does not make use of Log4j, and the Log4j library is not included in the packaged CoolSpools application, so there are no modules of CoolSpools that are affected by the Apache Log4j vulnerability.