On Thursday 9th December 2021, a 0-day exploit was discovered in the Loading...Java logging library – log4j. The exploit allows for remote code execution (RCE).
Exasol have begun investigating what services are impacted by this exploit and working on fixing the issues as they are identified.
Exasol’s core product is unaffected by this exploit. Some of our open-source code repos were affected by this exploit, an updated version for one is already available and we are already working on the others
exa-DanSt