Legal position
What happens after submission
Upon receipt of a potential product vulnerability submission, HemoCue will:
- Acknowledge receipt of the submission in a timely manner
- Work with specialized product teams to evaluate and validate reported findings
- Contact the submitter to request additional information, if needed
- Take appropriate action
Click here to submit vulnerability report or continue reading for the latest product security news.
Product Security News
Log4Shell (Apache Log4j)
Updated November 14, 2022
Background
On December 10, 2021, a critical vulnerability (CVE-2021-44228) was reported in Apache Log4j. The vulnerability impacts multiple versions of the Apache Log4j utility and the applications that use it. The vulnerability allows an attacker to execute arbitrary code.
Response
As soon as we received information regarding this serious vulnerability, we assessed all our products, and the conclusion is that we are not using the mentioned library in any of our products and our products are therefore not affected by this threat.