Due to the global concern about Log4j vulnerabilities, we have investigated and collected the necessary information to allow us to determine that we are not at risk.
- Downstream does not use Log4j directly in any of its products: CAM350, DFMStream or Blueprint
- Further, to the best of our knowledge, Downstream products are not exposed by any of the dependencies that we use in the products listed above.
- We continue to monitor the situation to ensure that no vulnerabilities due to Log4j exist in our products