While I believe this is true, can we confirm that Gitlab is not vulnerable to the log4j CVE-2021-4428 vulnerability?

We’ve just published a blog post detailing the actions we’ve taken in response to the remote code execution Log4j vulnerabilities ( CVE-2021-44228 ) and ( CVE-2021-45046 ) at Updates and actions to address Log4j CVE 2021 44228 and CVE 2021 45046 in GitLab | GitLab .

Cve-2021-4428

DevSecOps

dnsmichi December 13, 2021, 10:47am 7

Hi,

thanks for asking. Sharing an update below.

Edit: Follow Cve-2021-4428 - #9 by gitlab-greg for the most recent update.

Cheers,
Michael

5 Likes

Topic		Replies	Views
Gitlab : Emergency Patch Deployment for Apache Log4j DevSecOps	3	2862	December 17, 2021
Apache Log4j Remote Code Execution (RCE) Vulnerability in Gitlab CE DevSecOps docker , security	1	942	December 22, 2021
Git vulnerability? General security	1	383	September 15, 2021
Are the vulnerabilities detailed at https://about.gitlab.com/releases/2022/06/30/critical-security-release-gitlab-15-1-1-released/ present in Gitlab Omni 13.12.12 please? General	7	497	July 13, 2022
GitLab read and write logs How to Use GitLab	0	454	July 6, 2017

Cve-2021-4428

Related topics