Vendor Resources

Resource	Link
https://cloud.google.com/log4j2-security-advisory	https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource	Link
source	https://cloud.google.com/log4j2-security-advisory

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL	Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Pub/Sub Lite environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov	Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Pub/Sub Lite environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov	Last Update: 12/16/2021

Sources

Date	Attribution	Description
2022-01-03 12:08:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.