Is Autopsy 4.19.3 using Apache Log4j vulnerable to CVE-2021-44832

When 4.19.3 deployed in December 2021, it released with an embedded Apache Log4j version of 2.16. Tenable is identifing anything under 2.17.1 is vulnerable to CVE-2021-44832. Has 2.16 been retested for exploits discovered in this CVE? If so, When is the next release of Autopsy going to occur?

NVD - CVE-2021-44832 (](NVD - CVE-2021-44832)

The next release of Autopsy in early October, 2022 will have Log4j version 2.17.1 as part of it.

Thank you very much.