Skip to main content
OCLC Support

Are OCLC products updated against the Log4j vulnerability?

Applies to
  • OCLC Products and Services

On December 10, 2020, a critical remote code execution vulnerability CVE-2021-44228, called “Log4j,” in a popular Java technology logging package was reported. OCLC immediately assessed the potential impact to products and services and took steps to mitigate potential issues.

OCLC has not detected any indication of compromise to our systems. We will continue to monitor our systems and services and will provide updates as necessary through our OCLC Community Center and listservs.

Additional information

For the most current information about OCLC systems, visit the OCLC System Status dashboard at

EZproxy status for Log4j

ILLiad status for Log4j

Page ID