Break the data matrix. Explore what Redis has to offer.

Learn More

Security Notice

Apache Log4j2 CVE-2021-44228

Last updated date: December 13, 2021

On December 9, 2021 a vulnerability (CVE-2021-44228) impacting versions 2.0-beta9 to 2.14.1 of the Apache Log4j 2 utility was disclosed publicly via the project’s GitHub.

Redis is aware of and evaluating this vulnerability. This is a developing product security event and product status can change as more information becomes available.

Redis Enterprise Software

Redis Enterprise (our self-managed software product) does not use Java and is therefore not impacted by this vulnerability.

Redis Enterprise Cloud

Redis Cloud (our managed cloud service) is not directly impacted by this vulnerability. We have identified and taken steps to mitigate this vulnerability in our Cloud API (CAPI) and limited parts of our management infrastructure.

No workarounds or mitigations are required for Redis products at this time.

Open Source Redis

Open source Redis does not use Java and is therefore not impacted by this vulnerability.

Redis Java Clients

Jedis

Jedis is a Redis sponsored Java client. It uses the affected library in test suites only. A new Jedis release is now available that mitigates the vulnerability. End users are advised to evaluate their exposure to determine upgrade urgency.

Other Clients

End users are advised to follow updates and guidance from the maintainers and the community.

Additional Information

We continue to actively monitor our business infrastructure to identify vulnerable assets but there is no action on the part of our customers required. Where we have identified this potential vulnerability in our business infrastructure, we have been running an ongoing effort to upgrade these systems and deploy appropriate fixes to ensure their integrity.

We will continue to evaluate this matter, and if we determine Redis or our customers are impacted going forward, we will take all appropriate measures to help protect our customers and provide additional communications. We appreciate your trust in us as we continue to make your success our top priority.