In December 2021 Several vulnerabilities were disclosed for the the Log4j logging framework for Java. Since reporting the vulnerabilities were widely reported to have been exploited in the wild.
CloudMailin is not vulnerable to this attack. None of the components that CloudMailin uses are susceptible to the attack and we have tested several different scenarios to ensure that no component in our stack responds to the reported CVEs.