BlueX Pay Response to Apache Log4j Vulnerability CVE-2021-44228
BlueX Pay
Created on Dec 15, 2021
Updated on Dec 15, 2021

Issues regarding Apache log4j (log4j) vulnerability CVE-2021-44228 were brought to our attention at BlueX Pay. Our system was not vulnerable to this issue. However, we still performed our due diligence regardless, as outlined below:

  • We performed a comprehensive system and data check. Our findings showed that our data and system components remain intact and consistent
  • We constructed our core system with Golang, not Java. As a result, we were not vulnerable to the issue
  • We implemented emergent upgrades for all supporting system components that were written in Java to fix the issue by Dec 12, 12:00:00 UTC
  • We also added extra web application firewall rules to filter out all potential attacks

If you have any questions for our team, please feel free to email us at