I am using Gitlab Community verison 14.4.2 in a docker container.
My Gitlab instance is not exposed to internet.
I wanted to know is Gitlab CE affected by the Apache Log4j Remote Code Execution (RCE) Vulnerability?
I am not using any SAST or Dependency Scanning analyzers.
I was following this article Updates and actions to address Log4j CVE 2021 44228 and CVE 2021 45046 in GitLab | GitLab but didnt find the answers i was looking for.
What actions do i need to take?
Do i need to update Gitlab to its latest version?
Or Gitlab CE 14.4.2 is not affected by this vulnerability?