Summary: HVR, a Fivetran company, does not ship with log4j and is therefore not directly impacted by the recent security issues regarding log4j.
Details: On Friday December 10, 2021 after CVE-2021-44228 was disclosed, Engineering teams reviewed HVR to determine if Log4j was used anywhere in our services. HVR is not affected by the Apache Log4j vulnerability (CVE-2021-44228).
HVR does dynamically link to 3rd party Java libraries for Salesforce and Hadoop destinations. In those cases, please contact the corresponding vendors for an update of those libraries.