Is Postman impacted by the Log4j vulnerability CVE-2021-44228?

On Thursday, December 9th, a zero-day exploit CVE-2021-44228 in a popular java logging library (Log4J) was discovered that results in remote code execution.  

The Postman Security Team immediately began looking into this vulnerability and assessing the impact on our environments. Our assessment revealed that the Postman platform is not affected as we are not using the Log4J library internally, and validated any 3rd parties in the product are not impacted.



Have more questions? Submit a request