We are closely following the news and we are aware of the newly discovered Log4j vulnerability. We have been extensively looking for any affected components in our products and we have determined that our applications do not use the Log4j package so they are not affected by it.
Our hosting provider was affected by the newly discovered vulnerability and they have already taken the proper actions to mitigate this. Please see the following article for details: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Since our products are live products that evolve every day, we are continuously monitoring all our components and if we identify any instance of the affected library we will move with mitigating the issue immediately.