You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5918 lines
171 KiB
5918 lines
171 KiB
---
|
|
version: '1.0'
|
|
owners:
|
|
- name: cisagov
|
|
url: https://github.com/cisagov/log4j-affected-db
|
|
software:
|
|
- vendor: GE Digital
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://digitalsupport.ge.com/communities/en_US/Alert/GE-Security-Advisories
|
|
notes: This advisory is available to customers only and has not been reviewed
|
|
by CISA.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Digital Grid
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://digitalenergy.service-now.com/csm?id=kb_category&kb_category=b8bc715b879c89103f22a93e0ebb3585
|
|
notes: This advisory is available to customers only and has not been reviewed
|
|
by CISA.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: Asset Performance Management (APM)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: GE Digital has fixed the log4j issue on the APM. Validation and test completed
|
|
in development environment and the team is currently deploying the fixes in
|
|
the production environment.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: Baseline Security Center (BSC)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- ''
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: GE Gas Power is still validating the workaround provided by FoxGuard in
|
|
Technical Information Notice – M1221-S01.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: Baseline Security Center (BSC) 2.0
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: GE Gas Power has tested and validated the component of the BSC 2.0 that
|
|
is impacted (McAfee SIEM 11.x). The update and instructions can be downloaded
|
|
from link in reference section. This update is available to customer only and
|
|
has not been reviewed by CISA.
|
|
references:
|
|
- '[Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029420)'
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: Control Server
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- ''
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: Please see vCenter. Control Server is not directly impacted. It is impacted
|
|
through vCenter.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: MyFleet
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: OPM Performance Intelligence
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: OPM Performance Planning
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: Tag Mapping Service
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Gas Power
|
|
product: vCenter
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
|
notes: GE Gas Power has tested and validated the update provided by Vmware. The
|
|
update and instructions can be downloaded from link in reference section. This
|
|
update is available to customer only and has not been reviewed by CISA.
|
|
references:
|
|
- '[Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029417)'
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: GE Healthcare
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://securityupdate.gehealthcare.com
|
|
notes: This advisory is not available at the time of this review, due to maintence
|
|
on the GE Healthcare website.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Gearset
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Genesys
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GeoServer
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- http://geoserver.org/announcements/2021/12/13/logj4-rce-statement.html
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GeoSolutions
|
|
product: GeoNetwork
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: All
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-16T07:18:50+00:00'
|
|
- vendor: GeoSolutions
|
|
product: GeoServer
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- All
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-16T07:18:50+00:00'
|
|
- vendor: Gerrit Code Review
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gerritcodereview.com/2021-12-13-log4j-statement.html
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GFI Software
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GFI Software
|
|
product: Kerio Connect
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Ghidra
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Ghisler
|
|
product: Total Commander
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ghisler.com/whatsnew.htm
|
|
notes: Third Party plugins might contain log4j.
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gigamon
|
|
product: Fabric Manager
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- <5.13.01.02
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://community.gigamon.com/gigamoncp/s/my-gigamon
|
|
notes: Updates available via the Gigamon Support Portal. This advisory available
|
|
to customers only and has not been reviewed by CISA.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: GitHub
|
|
product: GitHub
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- GitHub.com and GitHub Enterprise Cloud
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: GitHub
|
|
product: GitHub Enterprise Server
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- 3.0.22
|
|
- 3.1.14
|
|
- 3.2.6
|
|
- 3.3.1
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: GitLab
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GitLab
|
|
product: DAST Analyzer
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GitLab
|
|
product: Dependency Scanning
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GitLab
|
|
product: Gemnasium-Maven
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GitLab
|
|
product: PMD OSS
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GitLab
|
|
product: SAST
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GitLab
|
|
product: Spotbugs
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Globus
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://groups.google.com/a/globus.org/g/discuss/c/FJK0q0NoUC4
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GoAnywhere
|
|
product: Agents
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-18T00:00:00'
|
|
- vendor: GoAnywhere
|
|
product: Gateway
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- Version 2.7.0 or later
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-18T00:00:00'
|
|
- vendor: GoAnywhere
|
|
product: MFT
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- Version 5.3.0 or later
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-18T00:00:00'
|
|
- vendor: GoAnywhere
|
|
product: MFT Agents
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- 1.4.2 or later
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
|
notes: Versions less than GoAnywhere Agent version 1.4.2 are not affected.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-18T00:00:00'
|
|
- vendor: GoAnywhere
|
|
product: Open PGP Studio
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- ''
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-18T00:00:00'
|
|
- vendor: GoAnywhere
|
|
product: Suveyor/400
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-18T00:00:00'
|
|
- vendor: GoCD
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gocd.org/2021/12/14/log4j-vulnerability.html
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:52+00:00'
|
|
- vendor: Google
|
|
product: Chrome
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
|
|
notes: Chrome Browser releases, infrastructure and admin console are not using
|
|
versions of Log4j affected by the vulnerability.
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-14'
|
|
- vendor: Google Cloud
|
|
product: Access Transparency
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Actifio
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
|
|
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
|
|
for the full statement and to obtain the hotfix (available to Actifio customers
|
|
only).
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AI Platform Data Labeling
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AI Platform Neural Architecture Search (NAS)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AI Platform Training and Prediction
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Anthos
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
|
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
|
Anthos environments to identify components dependent on Log4j 2 and update them
|
|
to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Anthos Config Management
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Anthos Connect
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Anthos Hub
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Anthos Identity Service
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Anthos on VMWare
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
|
|
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
|
|
to their VMware products as they become available. We also recommend customers
|
|
review their respective applications and workloads affected by the same vulnerabilities
|
|
and apply appropriate patches.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Anthos Premium Software
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Anthos Service Mesh
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Apigee
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not
|
|
used and therefore the VMs were not impacted by the issues in CVE-2021-44228
|
|
and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution.
|
|
It is possible that customers may have introduced custom resources that are
|
|
using vulnerable versions of Log4j. We strongly encourage customers who manage
|
|
Apigee environments to identify components dependent on Log4j and update them
|
|
to the latest version. Visit the Apigee Incident Report for more information.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: App Engine
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
|
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
|
App Engine environments to identify components dependent on Log4j 2 and update
|
|
them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AppSheet
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At
|
|
this time, we have identified no impact to core AppSheet functionality. Additionally,
|
|
we have patched one Java-based auxiliary service in our platform. We will continue
|
|
to monitor for affected services and patch or remediate as required. If you
|
|
have any questions or require assistance, contact AppSheet Support.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Artifact Registry
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Assured Workloads
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AutoML
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AutoML Natural Language
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AutoML Tables
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AutoML Translation
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AutoML Video
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: AutoML Vision
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: BigQuery
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: BigQuery Data Transfer Service
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: BigQuery Omni
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: BigQuery Omni, which runs on AWS and Azure infrastructure, does not use
|
|
Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
|
|
We continue to work with AWS and Azure to assess the situation.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Binary Authorization
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Certificate Manager
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Chronicle
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Asset Inventory
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Bigtable
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Build
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
|
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
|
Cloud Build environments to identify components dependent on Log4j 2 and update
|
|
them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud CDN
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Composer
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and
|
|
is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible
|
|
that customers may have imported or introduced other dependencies via DAGs,
|
|
installed PyPI modules, plugins, or other services that are using vulnerable
|
|
versions of Log4j 2. We strongly encourage customers, who manage Composer environments
|
|
to identify components dependent on Log4j 2 and update them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-15T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Console App
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Data Loss Prevention
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Debugger
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Deployment Manager
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud DNS
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Endpoints
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud External Key Manager (EKM)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Functions
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
|
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
|
Cloud Functions environments to identify components dependent on Log4j 2 and
|
|
update them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Hardware Security Module (HSM)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Interconnect
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Intrusion Detection System (IDS)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Key Management Service
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Load Balancing
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Logging
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Natural Language API
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Network Address Translation (NAT)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Profiler
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Router
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Run
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
|
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
|
Cloud Run environments to identify components dependent on Log4j 2 and update
|
|
them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Run for Anthos
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
|
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
|
Cloud Run for Anthos environments to identify components dependent on Log4j
|
|
2 and update them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Scheduler
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud SDK
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Shell
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
|
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
|
Cloud Shell environments to identify components dependent on Log4j 2 and update
|
|
them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Source Repositories
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Spanner
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud SQL
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Storage
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Tasks
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Trace
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Traffic Director
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Translation
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Vision
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud Vision OCR On-Prem
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Cloud VPN
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: CompilerWorks
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Compute Engine
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Compute Engine does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine,
|
|
we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes
|
|
to Google Cloud VMware Engine as they become available.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Contact Center AI (CCAI)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Contact Center AI Insights
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Container Registry
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Data Catalog
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Data Catalog has been updated to mitigate the issues identified in CVE-2021-44228
|
|
and CVE-2021-45046. We strongly encourage customers who introduced their own
|
|
connectors to identify dependencies on Log4j 2 and update them to the latest
|
|
version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Data Fusion
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Data Fusion does not use Log4j 2, but uses Dataproc as one of the options
|
|
to execute pipelines. Dataproc released new images on December 18, 2021 to address
|
|
the vulnerability in CVE-2021-44228 and CVE-2021-45046. Customers must follow
|
|
instructions in a notification sent on December 18, 2021 with the subject line
|
|
“Important information about Data Fusion.”
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Database Migration Service (DMS)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Dataflow
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: 'Dataflow does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228
|
|
and CVE-2021-45046. If you have changed dependencies or default behavior, it
|
|
is strongly recommended you verify there is no dependency on vulnerable versions
|
|
Log4j 2. Customers have been provided details and instructions in a notification
|
|
sent on December 17, 2021 with the subject line “Update #1 to Important information
|
|
about Dataflow.”'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Dataproc
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Dataproc released new images on December 18, 2021 to address the vulnerabilities
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers must follow the instructions
|
|
in notifications sent on December 18, 2021 with the subject line “Important
|
|
information about Dataproc” with Dataproc documentation.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Dataproc Metastore
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Dataproc Metastore has been updated to mitigate the issues identified in
|
|
CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent
|
|
two notifications with instructions on December 17, 2021 with the subject line
|
|
“Important information regarding Log4j 2 vulnerability in your gRPC-enabled
|
|
Dataproc Metastore.”
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Datastore
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Datastream
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Dialogflow Essentials (ES)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Document AI
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Event Threat Detection
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Eventarc
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Filestore
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Log4j 2 is contained within the Filestore service; there is a technical
|
|
control in place that mitigates the vulnerabilities in CVE-2021-44228 and CVE-2021-45046.
|
|
Log4j 2 will be updated to the latest version as part of the scheduled rollout
|
|
in January 2022.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Firebase
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Firestore
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Game Servers
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Google Cloud Armor
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Google Cloud Armor Managed Protection Plus
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Google Cloud VMware Engine
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: We are working with VMware and tracking VMSA-2021-0028.1. We will deploy
|
|
fixes as they become available.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-11T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Google Kubernetes Engine
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Google Kubernetes Engine does not use Log4j 2 and is not impacted by the
|
|
issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have
|
|
introduced a separate logging solution that uses Log4j 2. We strongly encourage
|
|
customers who manage Google Kubernetes Engine environments to identify components
|
|
dependent on Log4j 2 and update them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Healthcare Data Engine (HDE)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Human-in-the-Loop AI
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: IoT Core
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Key Access Justifications (KAJ)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Looker
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Looker-hosted instances have been updated to a Looker version with Log4j v2.16.
|
|
Looker is currently working with third-party driver vendors to evaluate the
|
|
impact of the Log4j vulnerability. As Looker does not enable logging for these
|
|
drivers in Looker-hosted instances, no messages are logged. We conclude that
|
|
the vulnerability is mitigated. We continue to actively work with the vendors
|
|
to deploy a fix for these drivers. Looker customers who self-manage their Looker
|
|
instances have received instructions through their technical contacts on how
|
|
to take the necessary steps to address the vulnerability. Looker customers who
|
|
have questions or require assistance, please visit Looker Support.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-18T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Media Translation API
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Memorystore
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Migrate for Anthos
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Migrate for Compute Engine (M4CE)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: M4CE has been updated to mitigate the issues identified in CVE-2021-44228
|
|
and CVE-2021-45046. M4CE has been updated to version 4.11.9 to address the vulnerabilities.
|
|
A notification was sent to customers on December 17, 2021 with subject line
|
|
“Important information about CVE-2021-44228 and CVE-2021-45046” for M4CE V4.11
|
|
or below. If you are on M4CE v5.0 or above, no action is needed.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-19T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Network Connectivity Center
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Network Intelligence Center
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Network Service Tiers
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Persistent Disk
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Pub/Sub
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-16T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Pub/Sub Lite
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
|
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
|
Pub/Sub Lite environments to identify components dependent on Log4j 2 and update
|
|
them to the latest version.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-16T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: reCAPTCHA Enterprise
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Recommendations AI
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Retail Search
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Risk Manager
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Secret Manager
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Security Command Center
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Service Directory
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Service Infrastructure
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Speaker ID
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Speech-to-Text
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Speech-to-Text On-Prem
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Storage Transfer Service
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Talent Solution
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Text-to-Speech
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Transcoder API
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Transfer Appliance
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Video Intelligence API
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Virtual Private Cloud
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-20T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Web Security Scanner
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Google Cloud
|
|
product: Workflows
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.google.com/log4j2-security-advisory
|
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
in CVE-2021-44228 and CVE-2021-45046.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: Gradle
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://blog.gradle.org/log4j-vulnerability
|
|
notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used.
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gradle
|
|
product: Gradle Enterprise
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- < 2021.3.6
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://security.gradle.com/advisory/2021-11
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gradle
|
|
product: Gradle Enterprise Build Cache Node
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- < 10.1
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://security.gradle.com/advisory/2021-11
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gradle
|
|
product: Gradle Enterprise Test Distribution Agent
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- < 1.6.2
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://security.gradle.com/advisory/2021-11
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Grafana
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Grandstream
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gravitee
|
|
product: Access Management
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- 3.10.x
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gravitee
|
|
product: Access Management
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- 3.5.x
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gravitee
|
|
product: Alert Engine
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- 1.5.x
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gravitee
|
|
product: Alert Engine
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- 1.4.x
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gravitee
|
|
product: API Management
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- 3.10.x
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gravitee
|
|
product: API Management
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- 3.5.x
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gravitee
|
|
product: Cockpit
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- 1.4.x
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Gravwell
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products
|
|
notes: Gravwell products do not use Java.
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Graylog
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- 3.3.15
|
|
- 4.0.14
|
|
- 4.1.9
|
|
- 4.2.3
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.graylog.org/post/graylog-update-for-log4j
|
|
notes: The vulnerable Log4j library is used to record GrayLogs own log information.
|
|
Vulnerability is not triggered when GrayLog stores exploitation vector from
|
|
an outer system.
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Graylog
|
|
product: Graylog Server
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- All versions >= 1.2.0 and <= 4.2.2
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.graylog.org/post/graylog-update-for-log4j
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GreenShot
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://greenshot.atlassian.net/browse/BUG-2871
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: GSA
|
|
product: Cloud.gov
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://cloud.gov/2021/12/14/log4j-buildpack-updates/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-21T00:00:00'
|
|
- vendor: GuardedBox
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- 3.1.2
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://twitter.com/GuardedBox/status/1469739834117799939
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Guidewire
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
...
|
|
|