Vendor Resources

Resource	Link
https://cloud.google.com/log4j2-security-advisory	https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource	Link
source	https://cloud.google.com/log4j2-security-advisory

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL	Dataproc Metastore has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent two notifications with instructions on December 17, 2021 with the subject line “Important information regarding Log4j 2 vulnerability in your gRPC-enabled Dataproc Metastore.”
CISAGov	Dataproc Metastore has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent two notifications with instructions on December 17, 2021 with the subject line “Important information regarding Log4j 2 vulnerability in your gRPC-enabled Dataproc Metastore.”
CISAGov	Last Update: 12/20/2021

Sources

Date	Attribution	Description
2022-01-03 12:08:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.