r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Update the software list

Browse Source
pull/463/head
cisagovbot 2 years ago
parent 332c479e66
commit 1b09d6cac2
3 changed files with 319 additions and 65 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 9
      SOFTWARE-LIST.md
  2. 264
      data/cisagov.yml
  3. 111
      data/cisagov_W.yml

9
SOFTWARE-LIST.md
Unescape View File

@ -2939,7 +2939,14 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Western Digital | | | | Unknown | [link](https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WIBU Systems | CodeMeter Cloud Lite | 2.2 and prior | | Affected | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| WIBU Systems | CodeMeter Keyring for TIA Portal | 1.30 and prior | | Affected | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | Only the Password Manager is affected | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| WindRiver | | | | Unknown | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wind River | LTS17 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS18 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS19 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS21 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wind River | WRL-6 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-7 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-8 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-9 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| WireShark | | | | Unknown | [link](https://gitlab.com/wireshark/wireshark/-/issues/17783) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wistia | | | | Unknown | [link](https://status.wistia.com/incidents/jtg0dfl5l224) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WitFoo | | | | Unknown | [link](https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

264
data/cisagov.yml
Unescape View File

@ -86349,35 +86349,279 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: WindRiver
product: ''
- vendor: Wind River
product: LTS17
cves:
cve-2021-4104:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS18
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS19
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS21
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wind River
product: WRL-6
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-7
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-8
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-9
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: WireShark
product: ''
cves:

111
data/cisagov_W.yml
Unescape View File

@ -211,275 +211,278 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Wind River
product: WRL-6
product: LTS17
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender
components, however, JMSAppender is deactivated in the release package and not affected by
CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component.
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-7
product: LTS18
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender
components, however, JMSAppender is deactivated in the release package and not affected by
CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component.
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-8
product: LTS19
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender
components, however, JMSAppender is deactivated in the release package and not affected by
CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component.
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-9
product: LTS21
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wind River
product: LTS17
product: WRL-6
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS18
product: WRL-7
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS19
product: WRL-8
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS21
product: WRL-9
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
last_updated: '2022-01-21T00:00:00'
- vendor: WireShark
product: ''
cves:

Write Preview
Loading…
Cancel
Save