Log4j Vulnerability

The Cygna Auditor and PBMS code bases are not susceptible to the Log4j vulnerability that is actively being exploited. This vulnerability is identified as CVE-2021-44228 and given the name Log4Shell. There is no java or Apache libraries in either solution. Cygna Labs always takes the security of our solutions as a top priority and we incorporate reported security updates for dependencies as part of our regular release process.