Dashlane Not Affected by the Apache log4j 2 Vulnerability
As reported here late last week, we've been made aware of a 0-day exploit in the popular Java logging library log4j. The vulnerability, called Log4Shell, is called "quite severe."
Many services are impacted by this vulnerability, a list of which can be found here.
Is Dashlane affected?
After checking with our Security team, we can confirm that Dashlane does not have any service or internal code that uses this log4j module. We also checked all our SaaS providers and dependencies—even the ones we knew weren't exposed—and they were either not affected at all or have already patched this exploit.
What if I have additional questions?
Don't hesitate to reach out! You can email our support team or use the live chat widget in the corner of the page during business hours. If you are a business customer with a dedicated support contact, you can reach out to them directly as well.