1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 16:40:48 +00:00
A community sourced list of log4j-affected software
Find a file
2021-12-13 11:54:29 -05:00
README.md Fix link 2021-12-13 11:54:29 -05:00

CISA Log4j (CVE-2021-44228) Vulnerability Guidance

This repository provides CISA's guidance and an overview of related software regarding the Log4j vulnerability (CVE-2021-44228). CISA encourages users and administrators to review the official Apache release and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately.

Official CISA Guidance & Resources:
CISA Director Jen Easterly's Statement: Statement from CISA Director Easterly on “Log4j” Vulnerability.
CISA Current Activity Alert: Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation
National Vulnerability Database (NVD) Information: CVE-2021-44228

CISA will maintain a list of all known affected and not affected software regarding the Log4j vulnerability.

Software List

Vendor Product Version Status Patch Available Mitigation Available Vulnerability Notes Related Links Date Last Updated
Sample-Vendor Product-A 1.15.0, 1.14.0, 1.13.0 Affected Yes/No Link Yes/No Link <Statement by vendor, vuln note, etc.> Link Here 12/11/2021