On 2021-12-09 a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed that could allow remote, unauthenticated attackers to run code on vulnerable systems. The vulnerability is listed as CVE-2021-44228  and is also known as “Log4Shell”. On 12/14/2021, another denial of service vulnerability (CVE-2021-45046 ) was released which caused the initial fixes in version 2.15.0 to be incomplete under certain non-default configurations. Log4j versions 2.16.0 and 2.12.2 are intended to fix both security vulnerabilities.
Localyzer’s security experts immediately analyzed all products and services to determine if our solutions were affected.
Summary : Localyzer’s online marketing platform is not affected and no exploit has been detected.
If you have any questions or concerns about this topic, please contact firstname.lastname@example.org. Security and reliability continue to be top priorities for Localyzer.
 The Log4j vulnerability (CVE-2021-44228) allows unauthenticated remote code execution (RCE) in Java applications running a vulnerable version of Apache Log4j 2. This vulnerability poses a serious risk to those using this version as, if properly exploited, it could allow unauthorized access or full control over systems.
 The limited vulnerability in Log4j (CVE-2021-45046) in some cases invalidates previous vulnerability fixes. These vulnerabilities are fixed in Log4j 2.16.0.