Recent security reports have highlighted a vulnerability involving the JavaScript Polyfill service, cdn.polyfill.io, https://dev.to/snyk/polyfill-supply-chain-attack-embeds-malware-in-javascript-cdn-assets-55d6. We want to assure you that this vulnerability does not impact Riva products or services.
Why You're Receiving This Notification:
Transparency and security are top priorities at Riva. We continually monitor and address potential security risks to ensure our products remain secure.
How We Address Polyfill.io Vulnerability:
The Riva Sync engine, core to our product functionality, does not rely on JavaScript. While some front-end web applications utilize JavaScript libraries, we can confirm we do not use the cdn.polyfill.io service.
Our Commitment to Security:
We are committed to maintaining a secure environment for our customers. We regularly update our systems and dependencies to address potential vulnerabilities. We recommend our customers follow security best practices and stay informed about the latest security threats.
For More Information:
If you have any questions regarding this notification or our security practices, please don't hesitate to contact our Client Success team here.