Dear Team,
Please confim if 2.12.4 is vuln to following CVE's 1) <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105> CVE-2021-45105 2) <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046> CVE-2021-45046 3) <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228> CVE-2021-44228 Also, As per https://endoflife.date/log4j log4j version 2.12.x has reached its EOL. The Log4j team no longer supports Java 7. Please confirm if above statement is true or not. Warm Regards, Anchit Parmar Team Lead - Vulnerability Management & Penetration Testing Practice Information Security Department IDBI Intech Limited , IDBI Bank Building, Plot No. 39-41, Sector-11, CBD Belapur, Navi Mumbai - 400 614 . Cell- 8779522843 Disclaimer: This e-mail contains privileged information or information belonging to IDBI Intech Ltd and is intended solely for the addressee/s. Access to this email by anyone else is unauthorized. Any copying (whole or partial) or further distribution beyond the original recipient is not intended, and may be unlawful. The recipient acknowledges that IDBI Intech Ltd is unable to exercise control or ensure or guarantee the integrity of the contents of the information contained in e-mail transmissions and further acknowledges that any views expressed in this message are those of the individual sender and are not binding on IDBI Intech Ltd. E-mails are susceptible to alteration and their integrity cannot be guaranteed. IDBI Intech Ltd does not accept any liability for any damages caused on account of this e-mail. If you have received this email in error, please contact the sender and delete the material from your computer.
