r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Add CA & Webpage data

Browse Source
pull/21/head
justmurphy 2 years ago committed by GitHub
parent e9016284ee
commit 4b8b3a86b9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      README.md

12
README.md
Unescape View File

@ -5,13 +5,19 @@ This repository provides CISA's guidance and an overview of related software reg
</br>
**Official CISA Guidance & Resources:**
</br>
Webpage: [CISA Apache Log4j Vulnerability Guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance)
</br>
CISA Director Jen Easterly's Statement: [Statement from CISA Director Easterly on “Log4j” Vulnerability](https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability).
</br> CISA Current Activity Alert: [Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce)
</br> CISA Current Activity Alerts:
</br>
[Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce)
</br>
[CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/13/cisa-creates-webpage-apache-log4j-vulnerability-cve-2021-44228)
</br>
National Vulnerability Database (NVD) Information: [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228)
</br>
</br>
CISA will maintain a list of all publicly available information and vendor-supplied advisories regarding the Log4j vulnerability. This list is not a full list and will be updated continuously. If you have any additional information to share relevant to the log4j vulnerability, please feel free to open an issue [here](https://github.com/cisagov/log4j-affected-db/issues). We have a template available for your submission. Please also feel free to submit a pull request.
CISA will maintain a list of all publicly available information and vendor-supplied advisories regarding the Log4j vulnerability. This list is not a full list and will be updated continuously. If you have any additional information to share relevant to the Log4j vulnerability, please feel free to open an issue [here](https://github.com/cisagov/log4j-affected-db/issues). We have a template available for your submission. Please also feel free to submit a pull request.
# Status Descriptions
@ -24,7 +30,7 @@ CISA will maintain a list of all publicly available information and vendor-suppl
| Under Investigation | Vendor investigating status. |
# Software List
R
| Vendor | Product | Version | Status | Update Available | Vendor Link | Notes | Other References | Last Updated |
|:--------------|:----------------|:---------------:|:---------------:|:-----------------|-------------|-------|:-----------------|--------------:|
| Sample-Vendor | Product-A | 1.15.0 | Affected | Yes/No | [Update Link Here]()| <Statement by vendor, vuln note, etc.>| [Link Here]() | 12/11/2021|

Write Preview
Loading…
Cancel
Save