In December 2021, a critical vulnerability was published in the widely used Java library log4j (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228).
VIMP is not affected by this vulnerability because VIMP is not a Java application and therefore does not use Java libraries.
However, there are the following third-party applications that may be connected to VIMP:
Wowza Streaming Engine
If you are using the Wowza Streaming Engine to play videos in VIMP, please secure your Wowza installation according to these instructions.
Open Office or Libre Office
If you are using the VIMP Video Editor V3 and the presentation templates, VIMP accesses the CLI API of Open Office or Libre Office to convert documents. Please check with the manufacturer of the Office package if your installation is affected by the Log4j bug.