mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-14 12:57:55 +00:00
5919 lines
171 KiB
YAML
5919 lines
171 KiB
YAML
---
|
||
version: '1.0'
|
||
owners:
|
||
- name: cisagov
|
||
url: https://github.com/cisagov/log4j-affected-db
|
||
software:
|
||
- vendor: GE Digital
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://digitalsupport.ge.com/communities/en_US/Alert/GE-Security-Advisories
|
||
notes: This advisory is available to customers only and has not been reviewed
|
||
by CISA.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Digital Grid
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://digitalenergy.service-now.com/csm?id=kb_category&kb_category=b8bc715b879c89103f22a93e0ebb3585
|
||
notes: This advisory is available to customers only and has not been reviewed
|
||
by CISA.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Asset Performance Management (APM)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: GE Digital has fixed the log4j issue on the APM. Validation and test completed
|
||
in development environment and the team is currently deploying the fixes in
|
||
the production environment.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Baseline Security Center (BSC)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- ''
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: GE Gas Power is still validating the workaround provided by FoxGuard in
|
||
Technical Information Notice – M1221-S01.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Baseline Security Center (BSC) 2.0
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: GE Gas Power has tested and validated the component of the BSC 2.0 that
|
||
is impacted (McAfee SIEM 11.x). The update and instructions can be downloaded
|
||
from link in reference section. This update is available to customer only and
|
||
has not been reviewed by CISA.
|
||
references:
|
||
- '[Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029420)'
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Control Server
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- ''
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Please see vCenter. Control Server is not directly impacted. It is impacted
|
||
through vCenter.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: MyFleet
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: OPM Performance Intelligence
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: OPM Performance Planning
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Tag Mapping Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: vCenter
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: GE Gas Power has tested and validated the update provided by Vmware. The
|
||
update and instructions can be downloaded from link in reference section. This
|
||
update is available to customer only and has not been reviewed by CISA.
|
||
references:
|
||
- '[Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029417)'
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Healthcare
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://securityupdate.gehealthcare.com
|
||
notes: This advisory is not available at the time of this review, due to maintence
|
||
on the GE Healthcare website.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: Gearset
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Genesys
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GeoServer
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- http://geoserver.org/announcements/2021/12/13/logj4-rce-statement.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GeoSolutions
|
||
product: GeoNetwork
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: All
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T07:18:50+00:00'
|
||
- vendor: GeoSolutions
|
||
product: GeoServer
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T07:18:50+00:00'
|
||
- vendor: Gerrit Code Review
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gerritcodereview.com/2021-12-13-log4j-statement.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GFI Software
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GFI Software
|
||
product: Kerio Connect
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Ghidra
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Ghisler
|
||
product: Total Commander
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ghisler.com/whatsnew.htm
|
||
notes: Third Party plugins might contain log4j.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gigamon
|
||
product: Fabric Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- <5.13.01.02
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.gigamon.com/gigamoncp/s/my-gigamon
|
||
notes: Updates available via the Gigamon Support Portal. This advisory available
|
||
to customers only and has not been reviewed by CISA.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: GitHub
|
||
product: GitHub
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- GitHub.com and GitHub Enterprise Cloud
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: GitHub
|
||
product: GitHub Enterprise Server
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- 3.0.22
|
||
- 3.1.14
|
||
- 3.2.6
|
||
- 3.3.1
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: GitLab
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: DAST Analyzer
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: Dependency Scanning
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: Gemnasium-Maven
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: PMD OSS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: SAST
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: Spotbugs
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Globus
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://groups.google.com/a/globus.org/g/discuss/c/FJK0q0NoUC4
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GoAnywhere
|
||
product: Agents
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: Gateway
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Version 2.7.0 or later
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: MFT
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Version 5.3.0 or later
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: MFT Agents
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 1.4.2 or later
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: Versions less than GoAnywhere Agent version 1.4.2 are not affected.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: Open PGP Studio
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: Suveyor/400
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoCD
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gocd.org/2021/12/14/log4j-vulnerability.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:52+00:00'
|
||
- vendor: Google
|
||
product: Chrome
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
|
||
notes: Chrome Browser releases, infrastructure and admin console are not using
|
||
versions of Log4j affected by the vulnerability.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-14'
|
||
- vendor: Google Cloud
|
||
product: Access Transparency
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Actifio
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
|
||
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
|
||
for the full statement and to obtain the hotfix (available to Actifio customers
|
||
only).
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AI Platform Data Labeling
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AI Platform Neural Architecture Search (NAS)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AI Platform Training and Prediction
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Anthos environments to identify components dependent on Log4j 2 and update them
|
||
to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Config Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Connect
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Hub
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Identity Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos on VMWare
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
|
||
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
|
||
to their VMware products as they become available. We also recommend customers
|
||
review their respective applications and workloads affected by the same vulnerabilities
|
||
and apply appropriate patches.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Premium Software
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Service Mesh
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Apigee
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not
|
||
used and therefore the VMs were not impacted by the issues in CVE-2021-44228
|
||
and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution.
|
||
It is possible that customers may have introduced custom resources that are
|
||
using vulnerable versions of Log4j. We strongly encourage customers who manage
|
||
Apigee environments to identify components dependent on Log4j and update them
|
||
to the latest version. Visit the Apigee Incident Report for more information.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: App Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
App Engine environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AppSheet
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At
|
||
this time, we have identified no impact to core AppSheet functionality. Additionally,
|
||
we have patched one Java-based auxiliary service in our platform. We will continue
|
||
to monitor for affected services and patch or remediate as required. If you
|
||
have any questions or require assistance, contact AppSheet Support.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Artifact Registry
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Assured Workloads
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Natural Language
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Tables
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Translation
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Video
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Vision
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: BigQuery
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: BigQuery Data Transfer Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: BigQuery Omni
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: BigQuery Omni, which runs on AWS and Azure infrastructure, does not use
|
||
Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
|
||
We continue to work with AWS and Azure to assess the situation.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Binary Authorization
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Certificate Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Chronicle
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Asset Inventory
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Bigtable
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Build
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Build environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud CDN
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Composer
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and
|
||
is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible
|
||
that customers may have imported or introduced other dependencies via DAGs,
|
||
installed PyPI modules, plugins, or other services that are using vulnerable
|
||
versions of Log4j 2. We strongly encourage customers, who manage Composer environments
|
||
to identify components dependent on Log4j 2 and update them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Console App
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Data Loss Prevention
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Debugger
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Deployment Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud DNS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Endpoints
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud External Key Manager (EKM)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Functions
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Functions environments to identify components dependent on Log4j 2 and
|
||
update them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Hardware Security Module (HSM)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Interconnect
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Intrusion Detection System (IDS)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Key Management Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Load Balancing
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Logging
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Natural Language API
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Network Address Translation (NAT)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Profiler
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Router
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Run
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Run environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Run for Anthos
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Run for Anthos environments to identify components dependent on Log4j
|
||
2 and update them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Scheduler
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud SDK
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Shell
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Shell environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Source Repositories
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Spanner
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud SQL
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Storage
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Tasks
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Trace
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Traffic Director
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Translation
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Vision
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Vision OCR On-Prem
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud VPN
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: CompilerWorks
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Compute Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Compute Engine does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine,
|
||
we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes
|
||
to Google Cloud VMware Engine as they become available.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Contact Center AI (CCAI)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Contact Center AI Insights
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Container Registry
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Data Catalog
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Data Catalog has been updated to mitigate the issues identified in CVE-2021-44228
|
||
and CVE-2021-45046. We strongly encourage customers who introduced their own
|
||
connectors to identify dependencies on Log4j 2 and update them to the latest
|
||
version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Data Fusion
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Data Fusion does not use Log4j 2, but uses Dataproc as one of the options
|
||
to execute pipelines. Dataproc released new images on December 18, 2021 to address
|
||
the vulnerability in CVE-2021-44228 and CVE-2021-45046. Customers must follow
|
||
instructions in a notification sent on December 18, 2021 with the subject line
|
||
“Important information about Data Fusion.”
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Database Migration Service (DMS)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Dataflow
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: 'Dataflow does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228
|
||
and CVE-2021-45046. If you have changed dependencies or default behavior, it
|
||
is strongly recommended you verify there is no dependency on vulnerable versions
|
||
Log4j 2. Customers have been provided details and instructions in a notification
|
||
sent on December 17, 2021 with the subject line “Update #1 to Important information
|
||
about Dataflow.”'
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Dataproc
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Dataproc released new images on December 18, 2021 to address the vulnerabilities
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers must follow the instructions
|
||
in notifications sent on December 18, 2021 with the subject line “Important
|
||
information about Dataproc” with Dataproc documentation.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Dataproc Metastore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Dataproc Metastore has been updated to mitigate the issues identified in
|
||
CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent
|
||
two notifications with instructions on December 17, 2021 with the subject line
|
||
“Important information regarding Log4j 2 vulnerability in your gRPC-enabled
|
||
Dataproc Metastore.”
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Datastore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Datastream
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Dialogflow Essentials (ES)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Document AI
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Event Threat Detection
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Eventarc
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Filestore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Log4j 2 is contained within the Filestore service; there is a technical
|
||
control in place that mitigates the vulnerabilities in CVE-2021-44228 and CVE-2021-45046.
|
||
Log4j 2 will be updated to the latest version as part of the scheduled rollout
|
||
in January 2022.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Firebase
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Firestore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Game Servers
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Google Cloud Armor
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Google Cloud Armor Managed Protection Plus
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Google Cloud VMware Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: We are working with VMware and tracking VMSA-2021-0028.1. We will deploy
|
||
fixes as they become available.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-11T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Google Kubernetes Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Google Kubernetes Engine does not use Log4j 2 and is not impacted by the
|
||
issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have
|
||
introduced a separate logging solution that uses Log4j 2. We strongly encourage
|
||
customers who manage Google Kubernetes Engine environments to identify components
|
||
dependent on Log4j 2 and update them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Healthcare Data Engine (HDE)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Human-in-the-Loop AI
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: IoT Core
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Key Access Justifications (KAJ)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Looker
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: \Looker-hosted instances have been updated to a Looker version with Log4j v2.16.
|
||
Looker is currently working with third-party driver vendors to evaluate the
|
||
impact of the Log4j vulnerability. As Looker does not enable logging for these
|
||
drivers in Looker-hosted instances, no messages are logged. We conclude that
|
||
the vulnerability is mitigated. We continue to actively work with the vendors
|
||
to deploy a fix for these drivers. Looker customers who self-manage their Looker
|
||
instances have received instructions through their technical contacts on how
|
||
to take the necessary steps to address the vulnerability. Looker customers who
|
||
have questions or require assistance, please visit Looker Support.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Media Translation API
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Memorystore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Migrate for Anthos
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Migrate for Compute Engine (M4CE)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: M4CE has been updated to mitigate the issues identified in CVE-2021-44228
|
||
and CVE-2021-45046. M4CE has been updated to version 4.11.9 to address the vulnerabilities.
|
||
A notification was sent to customers on December 17, 2021 with subject line
|
||
“Important information about CVE-2021-44228 and CVE-2021-45046” for M4CE V4.11
|
||
or below. If you are on M4CE v5.0 or above, no action is needed.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Network Connectivity Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Network Intelligence Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Network Service Tiers
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Persistent Disk
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Pub/Sub
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Pub/Sub Lite
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Pub/Sub Lite environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: reCAPTCHA Enterprise
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Recommendations AI
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Retail Search
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Risk Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Secret Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Security Command Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Service Directory
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Service Infrastructure
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Speaker ID
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Speech-to-Text
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Speech-to-Text On-Prem
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Storage Transfer Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Talent Solution
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Text-to-Speech
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Transcoder API
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Transfer Appliance
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Video Intelligence API
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Virtual Private Cloud
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Web Security Scanner
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Workflows
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Gradle
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://blog.gradle.org/log4j-vulnerability
|
||
notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gradle
|
||
product: Gradle Enterprise
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- < 2021.3.6
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security.gradle.com/advisory/2021-11
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gradle
|
||
product: Gradle Enterprise Build Cache Node
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- < 10.1
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security.gradle.com/advisory/2021-11
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gradle
|
||
product: Gradle Enterprise Test Distribution Agent
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- < 1.6.2
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security.gradle.com/advisory/2021-11
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Grafana
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Grandstream
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Access Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 3.10.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Access Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 3.5.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Alert Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 1.5.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Alert Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 1.4.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: API Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 3.10.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: API Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 3.5.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Cockpit
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 1.4.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravwell
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products
|
||
notes: Gravwell products do not use Java.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Graylog
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- 3.3.15
|
||
- 4.0.14
|
||
- 4.1.9
|
||
- 4.2.3
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.graylog.org/post/graylog-update-for-log4j
|
||
notes: The vulnerable Log4j library is used to record GrayLogs own log information.
|
||
Vulnerability is not triggered when GrayLog stores exploitation vector from
|
||
an outer system.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Graylog
|
||
product: Graylog Server
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- All versions >= 1.2.0 and <= 4.2.2
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.graylog.org/post/graylog-update-for-log4j
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GreenShot
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://greenshot.atlassian.net/browse/BUG-2871
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GSA
|
||
product: Cloud.gov
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.gov/2021/12/14/log4j-buildpack-updates/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: GuardedBox
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- 3.1.2
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://twitter.com/GuardedBox/status/1469739834117799939
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Guidewire
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
...
|