r3pek/log4j-affected-db
1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 08:30:48 +00:00
Code Releases Activity

Add Graylog

Browse source
This commit is contained in:
justmurphy 2022-02-02 16:19:21 -05:00 committed by GitHub
parent c081c60b4c
commit 0fa9e57f91
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 88 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

138
data/cisagov_G.yml
View file

@ -1181,7 +1181,7 @@ software:
- ''
last_updated: '2021-12-18T00:00:00'
- vendor: GoCD
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -1221,7 +1221,8 @@ software:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
@ -5464,7 +5465,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Grandstream
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -5505,7 +5506,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
- '3.10.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5535,7 +5536,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
- '3.5.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5565,7 +5566,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.5.x
- '1.5.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5595,7 +5596,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.4.x
- '1.4.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5625,7 +5626,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
- '3.10.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5655,7 +5656,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
- '3.5.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5685,36 +5686,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.4.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee.io
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
- '1.4.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5732,7 +5704,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravwell
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -5740,10 +5712,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -5756,7 +5729,41 @@ software:
unaffected_versions: []
vendor_links:
- https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products
notes: ''
notes: Gravwell products do not use Java.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Graylog
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '3.3.15'
- '4.0.14'
- '4.1.9'
- '4.2.3'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.graylog.org/post/graylog-update-for-log4j
notes: The vulnerable Log4j library is used to record GrayLogs own log information.
Vulnerability is not triggered when GrayLog stores exploitation vector from an outer system.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
@ -5770,9 +5777,9 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All versions >= 1.2.0 and <= 4.2.2
fixed_versions: []
affected_versions: []
fixed_versions:
- 'All versions >= 1.2.0 and <= 4.2.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -5791,7 +5798,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GreenShot
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -5799,10 +5806,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -5848,8 +5856,38 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: GuardedBox
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '3.1.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://twitter.com/GuardedBox/status/1469739834117799939
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Guidewire
product: ''
product: All
cves:
cve-2021-4104:
investigated: false