When 4.19.3 deployed in December 2021, it released with an embedded Apache Log4j version of 2.16. Tenable is identifing anything under 2.17.1 is vulnerable to CVE-2021-44832. Has 2.16 been retested for exploits discovered in this CVE? If so, When is the next release of Autopsy going to occur?
The next release of Autopsy in early October, 2022 will have Log4j version 2.17.1 as part of it.
Thank you very much.