-
-
Save golfhackerdave/4b673afb1c1545096252c3bc5322a0bb to your computer and use it in GitHub Desktop.
Revisions
-
SwitHak revised this gist
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -96,6 +96,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## RSA : https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501 # S ## Salesforce : https://help.salesforce.com/s/articleView?id=000363736&type=1 ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,6 +4,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Apache Flink : https://flink.apache.org/2021/12/10/log4j-cve.html ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html ## Apache Kafka : https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv ## Apache Solr : https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html ## Automox : https://blog.automox.com/log4j-critical-vulnerability-scores-a-10 -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # A ## Apache Flink : https://flink.apache.org/2021/12/10/log4j-cve.html ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html ## Apache Kafka : https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -78,6 +78,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # O ## OpenHab : https://github.com/openhab/openhab-distro/pull/1343 ## OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/ ## OpenSearch : https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950 ## Oracle : https://www.oracle.com/security-alerts/alert-cve-2021-44228.html # P -
Dec 11, 2021 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,6 +11,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # B ## BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838 ## BitNami By VMware : https://docs.bitnami.com/general/security/security-2021-12-10/ ## Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 # C @@ -116,6 +117,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # W ## Wallarm : https://lab.wallarm.com/cve-2021-44228-mitigation-update/ ## Wowza : https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve # X # Y -
Dec 11, 2021 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,7 +11,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # B ## BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838 ## Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 # C ## CarbonBlack : https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134 @@ -36,6 +36,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # F ## F5 Networks : https://support.f5.com/csp/article/K19026212 ## F-Secure https://status.f-secure.com/incidents/sk8vmr0h34pd ## FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ # G -
Dec 11, 2021 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,6 +2,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # A ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html ## Apache Kafka : https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html ## Automox : https://blog.automox.com/log4j-critical-vulnerability-scores-a-10 @@ -20,6 +21,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## CloudFlare : https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/ ## CPanel : https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/ ## Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1 ## ConnectWise : https://www.connectwise.com/company/trust/advisories ## CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402 ## Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 -
Dec 11, 2021 . 1 changed file with 8 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,12 +3,14 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # A ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html ## Automox : https://blog.automox.com/log4j-critical-vulnerability-scores-a-10 ## AWS : https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ ## AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 # B ## BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838 ## Broadcom LAYER 7 API GATEWAY : https://community.broadcom.com/enterprisesoftware/communities/community-home/digestviewer/viewthread?GroupId=1255&MessageKey=4191c9f4-07d7-4c5a-ab3b-af4d38335955&CommunityKey=0f580f5f-30a4-41de-a75c-e5f433325a18&tab=digestviewer # C ## CarbonBlack : https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134 @@ -84,12 +86,16 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # R ## RedHat : https://access.redhat.com/security/cve/cve-2021-44228 ## RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/ ## RSA : https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501 # S ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 ## SonicWall : https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 ## Spring Boot : https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ## SUSE : https://www.suse.com/security/cve/CVE-2021-44228.html ## Sterling Order IBM : https://www.ibm.com/support/pages/node/6525544 ## Swingset : https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10 @@ -103,7 +109,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # V ## Vespa ENGINE : https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md ## VMware : https://www.vmware.com/security/advisories/VMSA-2021-0028.html # W ## Wallarm : https://lab.wallarm.com/cve-2021-44228-mitigation-update/ -
Dec 11, 2021 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,7 +4,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://community.developer.atlassian.com/t/update-atlassians-investigation-on-cve-2021-44228/54352 ## AWS : https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ ## AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 # B @@ -41,6 +41,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # H ## Huawei : https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en ## HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464 # I # J @@ -71,6 +72,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # O ## OpenHab : https://github.com/openhab/openhab-distro/pull/1343 ## OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/ ## Oracle : https://www.oracle.com/security-alerts/alert-cve-2021-44228.html # P ## Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228 -
Dec 11, 2021 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -28,7 +28,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # E ## Eclipse Foundation : https://git.eclipse.org/r/c/tracecompass/org.eclipse.tracecompass/+/188751 ## Elastic : https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 # F ## F5 Networks : https://support.f5.com/csp/article/K19026212 @@ -45,6 +45,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # I # J ## JAMF NATION : https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740 ## JazzSM DASH IBM : https://www.ibm.com/support/pages/node/6525552 ## Jenkins : https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ ## JFROG : https://twitter.com/jfrog/status/1469385793823199240 ## Jitsi : https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md @@ -57,6 +58,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914 # M ## McAfee : https://kc.mcafee.com/corporate/index?page=content&id=KB95091 ## Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37 # N -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -74,6 +74,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228 ## Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116 ## Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR ## Puppet : https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ # Q # R -
Dec 11, 2021 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,6 +8,8 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 # B ## BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838 # C ## CarbonBlack : https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134 ## Cerberus FTP : https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -84,6 +84,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 ## SUSE : https://www.suse.com/security/cve/CVE-2021-44228.html ## Sterling Order IBM : https://www.ibm.com/support/pages/node/6525544 ## Swingset : https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10 # T -
Dec 11, 2021 . 1 changed file with 5 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -26,13 +26,14 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # E ## Eclipse Foundation : https://git.eclipse.org/r/c/tracecompass/org.eclipse.tracecompass/+/188751 ## Elastic : https://github.com/search?q=org%3Aelastic+CVE-2021-44228&type=code # F ## F5 Networks : https://support.f5.com/csp/article/K19026212 ## FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ # G ## Ghidra : https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning ## GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q ## GrayLog : https://www.graylog.org/post/graylog-update-for-log4j @@ -82,8 +83,11 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 ## SUSE : https://www.suse.com/security/cve/CVE-2021-44228.html ## Swingset : https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10 # T ## Talend : https://jira.talendforge.org/browse/TCOMP-2054 ## TrendMicro : https://success.trendmicro.com/solution/000289940 # U -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -5,6 +5,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://community.developer.atlassian.com/t/update-atlassians-investigation-on-cve-2021-44228/54352 ## AWS LAMBDA : https://github.com/awslabs/aws-lambda-powertools-java/releases/tag/v1.8.1 ## AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 # B # C -
Dec 11, 2021 . No changes.There are no files selected for viewing
-
Dec 11, 2021 . 1 changed file with 30 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,24 +2,34 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # A ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://community.developer.atlassian.com/t/update-atlassians-investigation-on-cve-2021-44228/54352 ## AWS LAMBDA : https://github.com/awslabs/aws-lambda-powertools-java/releases/tag/v1.8.1 # B # C ## CarbonBlack : https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134 ## Cerberus FTP : https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability ## CheckPoint : https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS ## Cisco: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd ## CloudFlare : https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/ ## CPanel : https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/ ## Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1 ## CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402 ## Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 # D ## Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228 ## DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359 ## DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282 # E ## Eclipse Foundation : https://git.eclipse.org/r/c/tracecompass/org.eclipse.tracecompass/+/188751 ## Elastic-ELASTICSEARCH : https://github.com/elastic/elasticsearch/commit/9a3422e1a6cf519e3fedce396784be2ef48dc7f9 # F ## F5 Networks : https://support.f5.com/csp/article/K19026212 ## FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ # G ## GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q @@ -31,26 +41,40 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # I # J ## JAMF NATION : https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740 ## Jenkins : https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ ## JFROG : https://twitter.com/jfrog/status/1469385793823199240 ## Jitsi : https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md # K ## Keycloak : https://github.com/keycloak/keycloak/discussions/9078 ## Kafka Connect CosmosDB : https://github.com/microsoft/kafka-connect-cosmosdb/blob/0f5d0c9dbf2812400bb480d1ff0672dfa6bb56f0/CHANGELOG.md # L ## LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914 # M ## Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37 # N ## N-able : https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability ## NELSON : https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala ## NetApp : https://security.netapp.com/advisory/ntap-20211210-0007/ ## Netflix : https://github.com/search?q=org%3ANetflix+CVE-2021-44228&type=commits ## Newrelic : https://github.com/newrelic/newrelic-java-agent/issues/605 # O ## OpenHab : https://github.com/openhab/openhab-distro/pull/1343 ## OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/ # P ## Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228 ## Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116 ## Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR # Q # R ## RedHat : https://access.redhat.com/security/cve/cve-2021-44228 ## RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/ # S ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html @@ -65,13 +89,19 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Ubiquiti-UniFi-UI : https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1 # V ## Vespa ENGINE : https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md ## VMware : https://kb.vmware.com/s/article/87068 # W ## Wallarm : https://lab.wallarm.com/cve-2021-44228-mitigation-update/ # X # Y ## Yandex-Cloud : https://github.com/yandex-cloud/docs/blob/6ff6c676787756e7dd6101c53b051e4cd04b3e85/ru/overview/security-bulletins/index.md#10122021--cve-2021-44228--%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5-%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BA%D0%BE%D0%B4%D0%B0-log4shell-apache-log4j # Z ## ZAMMAD : https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256 ## Zaproxy : https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/ ## Errors, typos, something to say ? - If you want to add a link, comment or send it to me -
Dec 10, 2021 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,78 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # A ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html # B # C ## CarbonBlack : https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134 ## CheckPoint : https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS ## Cisco: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd ## CloudFlare : https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/ ## CPanel : https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/ # D ## Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228 ## DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282 # E ## Eclipse Foundation : https://git.eclipse.org/r/c/tracecompass/org.eclipse.tracecompass/+/188751 # F ## F5 Networks : https://support.f5.com/csp/article/K19026212 # G ## GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q ## GrayLog : https://www.graylog.org/post/graylog-update-for-log4j # H ## Huawei : https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en # I # J ## JAMF NATION : https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740 # K ## Keycloak : https://github.com/keycloak/keycloak/discussions/9078 # L # M # N ## NetApp : https://security.netapp.com/advisory/ntap-20211210-0007/ # O ## OpenHab : https://github.com/openhab/openhab-distro/pull/1343 ## OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/ # P ## Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228 ## Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR # Q # R ## RedHat : https://access.redhat.com/security/cve/cve-2021-44228 # S ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 # T ## TrendMicro : https://success.trendmicro.com/solution/000289940 # U ## Ubiquiti-UniFi-UI : https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1 # V ## VMware : https://kb.vmware.com/s/article/87068 # W # X # Y # Z ## ZAMMAD : https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256 ## Errors, typos, something to say ? - If you want to add a link, comment or send it to me - Feel free to report any mistake directly below in the comment or in DM on Twitter [@SwitHak](https://twitter.com/SwitHak)