Thank you! Your feedback helps us improve.

Grammarly’s response regarding CVE-2021-44228 Apache Log4j vulnerability

An Apache Log4j vulnerability (CVE-2021-44228), disclosed on December 9, 2021, impacted multiple versions of the open-source Apache Log4j library. This library is widely used within the technology industry, including at Grammarly.

Grammarly is committed to the security of the individuals, organizations, and developer partners we serve, and protecting their data is a responsibility we take very seriously. From our investigation of the Apache Log4j situation, there is no evidence that any Grammarly services have been compromised in any way

Upon learning of the vulnerability, we immediately conducted a thorough analysis of Grammarly systems that could have been affected. Though the Log4j library was installed on some systems, it was not being actively used for Grammarly’s user-facing services. As a preventative measure, however, our team upgraded the Log4j library to a secure version.

We continue to actively monitor this issue, and no action is required from our customers.

Was this article helpful?
Tell us what you think. We promise to act on your feedback to make Grammarly's support pages even more helpful.
Have more questions? Submit a request