Regarding the Java library Log4j vulnerability we'd like to report that this Log4j-issue does not affect Blaise and its tools.
Blaise does not use java at all. Java or the JRE (Java Runtime Environment) doesn't need to be installed, and thus it also doesn't use Log4j.
Furthermore, the public web part is hosted on Microsoft IIS and not Apache/Tomcat (which have this problem with Log4j).
One point of interest, however, may be any custom components you use. We have no control over that, so you will have to check that yourselves.