As Log4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046) | LunaSec says setting noMsgFormatLookups to True will not work any more. The current Graylog update only includes setting the noMsgFormatLookups variable. When can we expect that this issue get solved?

Graylog and the CVE-2021-45046 vulnerability

shake76 December 15, 2021, 5:49pm 4

Im currently upgrade Graylog to version 3.3.15, just wondering if that include the fix for the last issue mentioned here or a new image is going to be created, I will appreciate your comments on this

Topic		Replies	Views
Question about Log4j Vulnerability CVE-2021-44228 Graylog Central (peer support)	19	4253	January 5, 2022
Log4j Vulnerability CVE-2021-44228 Graylog Central (peer support)	7	5147	December 27, 2021
No Change after update from 4.2.3 to 4.2.4, log4j vulnerability not fixed Graylog Central (peer support)	8	1246	January 1, 2022
CVE-2021-45046 / Log4J Mitigation Graylog Central (peer support)	2	949	January 5, 2022
Announcing Graylog v4.1.2 Updates and Upcoming Events	8	623	November 2, 2021

Graylog and the CVE-2021-45046 vulnerability

Related topics