No. We can confirm that the Log4j vulnerability is not present and cannot be exploited in any current versions of OnePager, nor was it present or exploitable in any prior versions of OnePager.
All editions of OnePager are local to the Windows desktop and are not hosted in Apache environments.
Any network connections that OnePager makes (e.g. Project Online or Smartsheet) do not utilize Java.
OnePager versions 7.1 and later do utilize a Java library to facilitate the parsing of some file formats, but that parsing is done on local files, and no network connection is ever established. Further, this Java library does not utilize Log4j.
Last Updated: December 16, 2021