Updated December 11, 2021; 9:00 p.m. PST

Synopsys is aware of the recently disclosed security issue related to the open-source Apache “Log4j2” utility (CVE-2021-44228). For more information,  see the official CVE posting

Based on what we know at this time, we believe that there is limited exposure to Synopsys’ products, services and systems. To the extent we have had exposure, we have remediated or are in the process of remediating the situation. Customers may visit SolvNetPlus or the Software Integrity Group’s community.synopsys.com for additional information.  

Our investigation is ongoing. 

See also: https://www.synopsys.com/blogs/software-security/zero-day-exploit-log4j-analysis/