Skip to content

Latest commit

 

History

History
51 lines (51 loc) · 10.1 KB

affected_components.md

File metadata and controls

51 lines (51 loc) · 10.1 KB
Raw

###Affected components

Vendor App source
Apache Apache Dubbo https://therecord.media/log4j-zero-day-gets-security-fix-just-as-scans-for-vulnerable-systems-ramp-up/
Ververica ververica https://flink.apache.org/2021/12/10/log4j-cve.html
Apache Apache Flink https://flink.apache.org/2021/12/10/log4j-cve.html
Apache Apache Flume https://therecord.media/log4j-zero-day-gets-security-fix-just-as-scans-for-vulnerable-systems-ramp-up/
Apache Apache Hadoop https://therecord.media/log4j-zero-day-gets-security-fix-just-as-scans-for-vulnerable-systems-ramp-up/
Apache Apache Kafka https://therecord.media/log4j-zero-day-gets-security-fix-just-as-scans-for-vulnerable-systems-ramp-up/
Apache Apache Solr https://therecord.media/log4j-zero-day-gets-security-fix-just-as-scans-for-vulnerable-systems-ramp-up/
Apache Apache Spark https://msandbu.org/log4shell-log4j-cve-2021-44228-vulnerability/?utm_source=rss&utm_medium=rss&utm_campaign=log4shell-log4j-cve-2021-44228-vulnerability
Apache Apache Struts https://msandbu.org/log4shell-log4j-cve-2021-44228-vulnerability/?utm_source=rss&utm_medium=rss&utm_campaign=log4shell-log4j-cve-2021-44228-vulnerability
Apache Apache Tapestry https://therecord.media/log4j-zero-day-gets-security-fix-just-as-scans-for-vulnerable-systems-ramp-up/
Apache Tomcat https://msandbu.org/log4shell-log4j-cve-2021-44228-vulnerability/?utm_source=rss&utm_medium=rss&utm_campaign=log4shell-log4j-cve-2021-44228-vulnerability
Apache Apache Wicket https://therecord.media/log4j-zero-day-gets-security-fix-just-as-scans-for-vulnerable-systems-ramp-up/
Databricks Databricks https://msandbu.org/log4shell-log4j-cve-2021-44228-vulnerability/?utm_source=rss&utm_medium=rss&utm_campaign=log4shell-log4j-cve-2021-44228-vulnerability
Elastic Elastic Search https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476
Elastic Elastic Logstash https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476
Elastic APM Java Agent https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476
Couchbase Elastic connector https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402
Cpanel Solr plugin https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/
Grails Grails https://github.com/grails/grails-core/releases
Graylog Graylog https://www.graylog.org/post/graylog-update-for-log4j
Evil labs JGAAP https://github.com/evllabs/JGAAP/releases/tag/v8.0.2
Jitsi video-bridge https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md
Microsoft Kafka Connect CosmosDB https://github.com/microsoft/kafka-connect-cosmosdb/blob/0f5d0c9dbf2812400bb480d1ff0672dfa6bb56f0/CHANGELOG.md
Metabase Metabase https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37
getnelson nelson https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala
Neo4j Neo4j https://community.neo4j.com/t/log4j-cve-mitigation-for-neo4j/48856
New relic Java agent newrelic/newrelic-java-agent#605
openhab openhab openhab/openhab-distro#1343
opensearch opensearch https://opensearch.org/blog/releases/2021/12/update-to-1-2-1/
redhat Several affected packages https://access.redhat.com/security/cve/cve-2021-44228
Security Onion Security Onion https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html
Spring Boot Spring Boot https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
swingset swingset https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10
Talend component kit https://jira.talendforge.org/browse/TCOMP-2054
Unifi UniFi Network Application https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1
zaproxy zaproxy https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/
Apache Apache iceberg apache/iceberg#3710
Chef Chef server chef/chef-server#2998
Mailcow mailcow mailcow/mailcow-dockerized#4375
portex portex https://github.com/katjahahn/PortEx/releases
oxygenxml oxygen xml editor https://www.oxygenxml.com/security/advisory/CVE-2019-17571.html
Lucent Sky Lucent Sky AVM On-Demand https://twitter.com/LucentSky/status/1469358706311974914
Lucent Sky Lucent Sky managed instances https://twitter.com/LucentSky/status/1469358706311974914
Logstash logstash elastic/logstash#13494
Amazon AWS Lambda https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
Amazon AWS CloudHSM https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
Microsoft Azure Data lake store java https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310