While I mainly use Adobe ColdFusion, I do maintain several Lucee installs - most of which are running on auto-pilot and/or hosted/configured/maintained by the host. However, when I first heard of the Lucee vulnerability on the Modernize or Die podcast, I decided to take an inventory of where I was using Lucee to see what needed upgrades and patches. Lucee patches for this vulnerability are 22.214.171.124, 126.96.36.199, and 188.8.131.52. I was running 4.5.1.024. This Lucee install was woefully out of date, so much so that an update for 4 was not listed. Indeed, a comment from Zac Spitzer indicated that 4.5 was probably not affected. Nevertheless, it was time to upgrade.