r3pek/log4j-affected-db
1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-09-19 19:12:38 +00:00
Code Releases Activity
A community sourced list of log4j-affected software
7 commits 2 branches 0 tags 3.7 MiB
Shell 100%
Find a file
justmurphy f25f9c560e
Add status descriptions, update schema of table
2021-12-13 13:42:45 -05:00
README.md Add status descriptions, update schema of table 2021-12-13 13:42:45 -05:00

README.md

CISA Log4j (CVE-2021-44228) Vulnerability Guidance

This repository provides CISA's guidance and an overview of related software regarding the Log4j vulnerability (CVE-2021-44228). CISA encourages users and administrators to review the official Apache release and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately.

Official CISA Guidance & Resources:
CISA Director Jen Easterly's Statement: Statement from CISA Director Easterly on “Log4j” Vulnerability.
CISA Current Activity Alert: Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation
National Vulnerability Database (NVD) Information: CVE-2021-44228

CISA will maintain a list of all publicly available information and vendor-supplied advisories regarding the Log4j vulnerability.

Status

Status Description
Unknown Status unknown. Default choice.
Affected Reported to be affected by CVE-2021-44228.
Not Affected Reported to NOT be affected by CVE-2021-44228.
Fixed Patch and/or mitigations available (see references column).
Under Investigation Vendor investigating status.

Software List

Vendor Product Version Status Update Available Notes References Last Updated
Sample-Vendor Product-A 1.15.0 Affected Yes/No Link <Statement by vendor, vuln note, etc.> Link Here 12/11/2021