r3pek/log4j-affected-db
1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 08:30:48 +00:00
Code Releases Activity

Merge pull request #490 from cisagov/update_G

Browse source 
Update G products
This commit is contained in:
justmurphy 2022-02-02 16:22:24 -05:00 committed by GitHub
commit 7f417e25a6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 539 additions and 77 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

616
data/cisagov_G.yml
View file

@ -374,7 +374,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Gearset
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -403,7 +403,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Genesys
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -432,7 +432,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GeoServer
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -460,8 +460,68 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gerrit code review
product: ''
- vendor: GeoSolutions
product: GeoNetwork
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
'All'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html
notes: ''
references:
- ''
last_updated: '2021-12-16T07:18:50+00:00'
- vendor: GeoSolutions
product: GeoServer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html
notes: ''
references:
- ''
last_updated: '2021-12-16T07:18:50+00:00'
- vendor: Gerrit Code Review
product: All
cves:
cve-2021-4104:
investigated: false
@ -489,8 +549,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GFI
product: ''
- vendor: GFI Software
product: All
cves:
cve-2021-4104:
investigated: false
@ -518,8 +578,38 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GFI Software
product: Kerio Connect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ghidra
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -547,6 +637,36 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ghisler
product: Total Commander
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ghisler.com/whatsnew.htm
notes: Third Party plugins might contain log4j.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gigamon
product: Fabric Manager
cves:
@ -557,9 +677,9 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <5.13.01.02
fixed_versions: []
affected_versions: []
fixed_versions:
- '<5.13.01.02'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -608,8 +728,8 @@ software:
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: GitLab
product: ''
- vendor: GitHub
product: GitHub Enterprise Server
cves:
cve-2021-4104:
investigated: false
@ -617,9 +737,13 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
fixed_versions:
- '3.0.22'
- '3.1.14'
- '3.2.6'
- '3.3.1'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -632,13 +756,223 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.gitlab.com/t/cve-2021-4428/62763
- https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: GitLab
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GitLab
product: DAST Analyzer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GitLab
product: Dependency Scanning
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GitLab
product: Gemnasium-Maven
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GitLab
product: PMD OSS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GitLab
product: SAST
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GitLab
product: Spotbugs
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Globus
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -666,6 +1000,36 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GoAnywhere
product: Agents
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
notes: ''
references:
- ''
last_updated: '2021-12-18T00:00:00'
- vendor: GoAnywhere
product: Gateway
cves:
@ -676,9 +1040,9 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 2.8.4
fixed_versions: []
affected_versions: []
fixed_versions:
- 'Version 2.7.0 or later'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -706,9 +1070,9 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 6.8.6
fixed_versions: []
affected_versions: []
fixed_versions:
- 'Version 5.3.0 or later'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -737,7 +1101,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 1.6.5
- '1.4.2 or later'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -752,12 +1116,72 @@ software:
unaffected_versions: []
vendor_links:
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
notes: Versions less than GoAnywhere Agent version 1.4.2 are not affected.
references:
- ''
last_updated: '2021-12-18T00:00:00'
- vendor: GoAnywhere
product: Open PGP Studio
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
notes: ''
references:
- ''
last_updated: '2021-12-18T00:00:00'
- vendor: GoAnywhere
product: Suveyor/400
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
notes: ''
references:
- ''
last_updated: '2021-12-18T00:00:00'
- vendor: GoCD
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -797,7 +1221,8 @@ software:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
@ -4931,7 +5356,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- < 2021.3.6
- '< 2021.3.6'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -4961,7 +5386,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- < 10.1
- '< 10.1'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -4991,7 +5416,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- < 1.6.2
- '< 1.6.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -5040,7 +5465,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Grandstream
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -5081,7 +5506,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
- '3.10.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5111,7 +5536,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
- '3.5.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5141,7 +5566,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.5.x
- '1.5.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5171,7 +5596,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.4.x
- '1.4.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5201,7 +5626,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
- '3.10.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5231,7 +5656,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
- '3.5.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5261,36 +5686,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.4.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee.io
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
- '1.4.x'
cve-2021-45046:
investigated: false
affected_versions: []
@ -5308,7 +5704,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravwell
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -5316,10 +5712,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -5332,7 +5729,41 @@ software:
unaffected_versions: []
vendor_links:
- https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products
notes: ''
notes: Gravwell products do not use Java.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Graylog
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '3.3.15'
- '4.0.14'
- '4.1.9'
- '4.2.3'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.graylog.org/post/graylog-update-for-log4j
notes: The vulnerable Log4j library is used to record GrayLogs own log information.
Vulnerability is not triggered when GrayLog stores exploitation vector from an outer system.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
@ -5346,9 +5777,9 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All versions >= 1.2.0 and <= 4.2.2
fixed_versions: []
affected_versions: []
fixed_versions:
- 'All versions >= 1.2.0 and <= 4.2.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -5367,7 +5798,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GreenShot
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -5375,10 +5806,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -5424,8 +5856,38 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: GuardedBox
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '3.1.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://twitter.com/GuardedBox/status/1469739834117799939
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Guidewire
product: ''
product: All
cves:
cve-2021-4104:
investigated: false