mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-15 05:17:54 +00:00
11ef0d7d70
The incorrect escape codes are removed. This will also result in the removal of (incorrect) escape codes in the generated markdown file.
5919 lines
171 KiB
YAML
5919 lines
171 KiB
YAML
---
|
||
version: '1.0'
|
||
owners:
|
||
- name: cisagov
|
||
url: https://github.com/cisagov/log4j-affected-db
|
||
software:
|
||
- vendor: GE Digital
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://digitalsupport.ge.com/communities/en_US/Alert/GE-Security-Advisories
|
||
notes: This advisory is available to customers only and has not been reviewed
|
||
by CISA.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Digital Grid
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://digitalenergy.service-now.com/csm?id=kb_category&kb_category=b8bc715b879c89103f22a93e0ebb3585
|
||
notes: This advisory is available to customers only and has not been reviewed
|
||
by CISA.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Asset Performance Management (APM)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: GE Digital has fixed the log4j issue on the APM. Validation and test completed
|
||
in development environment and the team is currently deploying the fixes in
|
||
the production environment.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Baseline Security Center (BSC)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- ''
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: GE Gas Power is still validating the workaround provided by FoxGuard in
|
||
Technical Information Notice – M1221-S01.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Baseline Security Center (BSC) 2.0
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: GE Gas Power has tested and validated the component of the BSC 2.0 that
|
||
is impacted (McAfee SIEM 11.x). The update and instructions can be downloaded
|
||
from link in reference section. This update is available to customer only and
|
||
has not been reviewed by CISA.
|
||
references:
|
||
- '[Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029420)'
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Control Server
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- ''
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Please see vCenter. Control Server is not directly impacted. It is impacted
|
||
through vCenter.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: MyFleet
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: OPM Performance Intelligence
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: OPM Performance Planning
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: Tag Mapping Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Gas Power
|
||
product: vCenter
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf
|
||
notes: GE Gas Power has tested and validated the update provided by Vmware. The
|
||
update and instructions can be downloaded from link in reference section. This
|
||
update is available to customer only and has not been reviewed by CISA.
|
||
references:
|
||
- '[Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029417)'
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: GE Healthcare
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://securityupdate.gehealthcare.com
|
||
notes: This advisory is not available at the time of this review, due to maintence
|
||
on the GE Healthcare website.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: Gearset
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Genesys
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GeoServer
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- http://geoserver.org/announcements/2021/12/13/logj4-rce-statement.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GeoSolutions
|
||
product: GeoNetwork
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: All
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T07:18:50+00:00'
|
||
- vendor: GeoSolutions
|
||
product: GeoServer
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T07:18:50+00:00'
|
||
- vendor: Gerrit Code Review
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gerritcodereview.com/2021-12-13-log4j-statement.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GFI Software
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GFI Software
|
||
product: Kerio Connect
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Ghidra
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Ghisler
|
||
product: Total Commander
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ghisler.com/whatsnew.htm
|
||
notes: Third Party plugins might contain log4j.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gigamon
|
||
product: Fabric Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- <5.13.01.02
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.gigamon.com/gigamoncp/s/my-gigamon
|
||
notes: Updates available via the Gigamon Support Portal. This advisory available
|
||
to customers only and has not been reviewed by CISA.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: GitHub
|
||
product: GitHub
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- GitHub.com and GitHub Enterprise Cloud
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: GitHub
|
||
product: GitHub Enterprise Server
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- 3.0.22
|
||
- 3.1.14
|
||
- 3.2.6
|
||
- 3.3.1
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: GitLab
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: DAST Analyzer
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: Dependency Scanning
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: Gemnasium-Maven
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: PMD OSS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: SAST
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GitLab
|
||
product: Spotbugs
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://forum.gitlab.com/t/cve-2021-4428/62763/8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Globus
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://groups.google.com/a/globus.org/g/discuss/c/FJK0q0NoUC4
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GoAnywhere
|
||
product: Agents
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: Gateway
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Version 2.7.0 or later
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: MFT
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Version 5.3.0 or later
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: MFT Agents
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 1.4.2 or later
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: Versions less than GoAnywhere Agent version 1.4.2 are not affected.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: Open PGP Studio
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- ''
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoAnywhere
|
||
product: Suveyor/400
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: GoCD
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gocd.org/2021/12/14/log4j-vulnerability.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:52+00:00'
|
||
- vendor: Google
|
||
product: Chrome
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
|
||
notes: Chrome Browser releases, infrastructure and admin console are not using
|
||
versions of Log4j affected by the vulnerability.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-14'
|
||
- vendor: Google Cloud
|
||
product: Access Transparency
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Actifio
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
|
||
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
|
||
for the full statement and to obtain the hotfix (available to Actifio customers
|
||
only).
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AI Platform Data Labeling
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AI Platform Neural Architecture Search (NAS)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AI Platform Training and Prediction
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Anthos environments to identify components dependent on Log4j 2 and update them
|
||
to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Config Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Connect
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Hub
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Identity Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos on VMWare
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
|
||
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
|
||
to their VMware products as they become available. We also recommend customers
|
||
review their respective applications and workloads affected by the same vulnerabilities
|
||
and apply appropriate patches.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Premium Software
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Anthos Service Mesh
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Apigee
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not
|
||
used and therefore the VMs were not impacted by the issues in CVE-2021-44228
|
||
and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution.
|
||
It is possible that customers may have introduced custom resources that are
|
||
using vulnerable versions of Log4j. We strongly encourage customers who manage
|
||
Apigee environments to identify components dependent on Log4j and update them
|
||
to the latest version. Visit the Apigee Incident Report for more information.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: App Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
App Engine environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AppSheet
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At
|
||
this time, we have identified no impact to core AppSheet functionality. Additionally,
|
||
we have patched one Java-based auxiliary service in our platform. We will continue
|
||
to monitor for affected services and patch or remediate as required. If you
|
||
have any questions or require assistance, contact AppSheet Support.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Artifact Registry
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Assured Workloads
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Natural Language
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Tables
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Translation
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Video
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: AutoML Vision
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: BigQuery
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: BigQuery Data Transfer Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: BigQuery Omni
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: BigQuery Omni, which runs on AWS and Azure infrastructure, does not use
|
||
Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
|
||
We continue to work with AWS and Azure to assess the situation.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Binary Authorization
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Certificate Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Chronicle
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Asset Inventory
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Bigtable
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Build
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Build environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud CDN
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Composer
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and
|
||
is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible
|
||
that customers may have imported or introduced other dependencies via DAGs,
|
||
installed PyPI modules, plugins, or other services that are using vulnerable
|
||
versions of Log4j 2. We strongly encourage customers, who manage Composer environments
|
||
to identify components dependent on Log4j 2 and update them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Console App
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Data Loss Prevention
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Debugger
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Deployment Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud DNS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Endpoints
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud External Key Manager (EKM)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Functions
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Functions environments to identify components dependent on Log4j 2 and
|
||
update them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Hardware Security Module (HSM)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Interconnect
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Intrusion Detection System (IDS)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Key Management Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Load Balancing
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Logging
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Natural Language API
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Network Address Translation (NAT)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Profiler
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Router
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Run
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Run environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Run for Anthos
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Run for Anthos environments to identify components dependent on Log4j
|
||
2 and update them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Scheduler
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud SDK
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Shell
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Cloud Shell environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Source Repositories
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Spanner
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud SQL
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Storage
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Tasks
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Trace
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Traffic Director
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Translation
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Vision
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud Vision OCR On-Prem
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Cloud VPN
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: CompilerWorks
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Compute Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Compute Engine does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine,
|
||
we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes
|
||
to Google Cloud VMware Engine as they become available.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Contact Center AI (CCAI)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Contact Center AI Insights
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Container Registry
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Data Catalog
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Data Catalog has been updated to mitigate the issues identified in CVE-2021-44228
|
||
and CVE-2021-45046. We strongly encourage customers who introduced their own
|
||
connectors to identify dependencies on Log4j 2 and update them to the latest
|
||
version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Data Fusion
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Data Fusion does not use Log4j 2, but uses Dataproc as one of the options
|
||
to execute pipelines. Dataproc released new images on December 18, 2021 to address
|
||
the vulnerability in CVE-2021-44228 and CVE-2021-45046. Customers must follow
|
||
instructions in a notification sent on December 18, 2021 with the subject line
|
||
“Important information about Data Fusion.”
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Database Migration Service (DMS)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Dataflow
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: 'Dataflow does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228
|
||
and CVE-2021-45046. If you have changed dependencies or default behavior, it
|
||
is strongly recommended you verify there is no dependency on vulnerable versions
|
||
Log4j 2. Customers have been provided details and instructions in a notification
|
||
sent on December 17, 2021 with the subject line “Update #1 to Important information
|
||
about Dataflow.”'
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Dataproc
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Dataproc released new images on December 18, 2021 to address the vulnerabilities
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers must follow the instructions
|
||
in notifications sent on December 18, 2021 with the subject line “Important
|
||
information about Dataproc” with Dataproc documentation.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Dataproc Metastore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Dataproc Metastore has been updated to mitigate the issues identified in
|
||
CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent
|
||
two notifications with instructions on December 17, 2021 with the subject line
|
||
“Important information regarding Log4j 2 vulnerability in your gRPC-enabled
|
||
Dataproc Metastore.”
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Datastore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Datastream
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Dialogflow Essentials (ES)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Document AI
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Event Threat Detection
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Eventarc
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Filestore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Log4j 2 is contained within the Filestore service; there is a technical
|
||
control in place that mitigates the vulnerabilities in CVE-2021-44228 and CVE-2021-45046.
|
||
Log4j 2 will be updated to the latest version as part of the scheduled rollout
|
||
in January 2022.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Firebase
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Firestore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Game Servers
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Google Cloud Armor
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Google Cloud Armor Managed Protection Plus
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Google Cloud VMware Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: We are working with VMware and tracking VMSA-2021-0028.1. We will deploy
|
||
fixes as they become available.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-11T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Google Kubernetes Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Google Kubernetes Engine does not use Log4j 2 and is not impacted by the
|
||
issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have
|
||
introduced a separate logging solution that uses Log4j 2. We strongly encourage
|
||
customers who manage Google Kubernetes Engine environments to identify components
|
||
dependent on Log4j 2 and update them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Healthcare Data Engine (HDE)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Human-in-the-Loop AI
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: IoT Core
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Key Access Justifications (KAJ)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Looker
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Looker-hosted instances have been updated to a Looker version with Log4j v2.16.
|
||
Looker is currently working with third-party driver vendors to evaluate the
|
||
impact of the Log4j vulnerability. As Looker does not enable logging for these
|
||
drivers in Looker-hosted instances, no messages are logged. We conclude that
|
||
the vulnerability is mitigated. We continue to actively work with the vendors
|
||
to deploy a fix for these drivers. Looker customers who self-manage their Looker
|
||
instances have received instructions through their technical contacts on how
|
||
to take the necessary steps to address the vulnerability. Looker customers who
|
||
have questions or require assistance, please visit Looker Support.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-18T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Media Translation API
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Memorystore
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Migrate for Anthos
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Migrate for Compute Engine (M4CE)
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: M4CE has been updated to mitigate the issues identified in CVE-2021-44228
|
||
and CVE-2021-45046. M4CE has been updated to version 4.11.9 to address the vulnerabilities.
|
||
A notification was sent to customers on December 17, 2021 with subject line
|
||
“Important information about CVE-2021-44228 and CVE-2021-45046” for M4CE V4.11
|
||
or below. If you are on M4CE v5.0 or above, no action is needed.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-19T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Network Connectivity Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Network Intelligence Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Network Service Tiers
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Persistent Disk
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Pub/Sub
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Pub/Sub Lite
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
|
||
logging solution that uses Log4j 2. We strongly encourage customers who manage
|
||
Pub/Sub Lite environments to identify components dependent on Log4j 2 and update
|
||
them to the latest version.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: reCAPTCHA Enterprise
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Recommendations AI
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Retail Search
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Risk Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Secret Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Security Command Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Service Directory
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Service Infrastructure
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Speaker ID
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Speech-to-Text
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Speech-to-Text On-Prem
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Storage Transfer Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Talent Solution
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Text-to-Speech
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Transcoder API
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Transfer Appliance
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Video Intelligence API
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Virtual Private Cloud
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Web Security Scanner
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Google Cloud
|
||
product: Workflows
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.google.com/log4j2-security-advisory
|
||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||
in CVE-2021-44228 and CVE-2021-45046.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Gradle
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://blog.gradle.org/log4j-vulnerability
|
||
notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gradle
|
||
product: Gradle Enterprise
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- < 2021.3.6
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security.gradle.com/advisory/2021-11
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gradle
|
||
product: Gradle Enterprise Build Cache Node
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- < 10.1
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security.gradle.com/advisory/2021-11
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gradle
|
||
product: Gradle Enterprise Test Distribution Agent
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- < 1.6.2
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security.gradle.com/advisory/2021-11
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Grafana
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Grandstream
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Access Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 3.10.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Access Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 3.5.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Alert Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 1.5.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Alert Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 1.4.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: API Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 3.10.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: API Management
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 3.5.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravitee
|
||
product: Cockpit
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 1.4.x
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Gravwell
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products
|
||
notes: Gravwell products do not use Java.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Graylog
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- 3.3.15
|
||
- 4.0.14
|
||
- 4.1.9
|
||
- 4.2.3
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.graylog.org/post/graylog-update-for-log4j
|
||
notes: The vulnerable Log4j library is used to record GrayLogs own log information.
|
||
Vulnerability is not triggered when GrayLog stores exploitation vector from
|
||
an outer system.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Graylog
|
||
product: Graylog Server
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- All versions >= 1.2.0 and <= 4.2.2
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.graylog.org/post/graylog-update-for-log4j
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GreenShot
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- ''
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://greenshot.atlassian.net/browse/BUG-2871
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: GSA
|
||
product: Cloud.gov
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://cloud.gov/2021/12/14/log4j-buildpack-updates/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: GuardedBox
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- 3.1.2
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://twitter.com/GuardedBox/status/1469739834117799939
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Guidewire
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
...
|