Hi Anchit Parmar,

you should have addressed this mail to one of the mailing lists, therefore
I'm forwarding this to log4j-user@logging.apache.org. You should probably
subscribe to receive responses. You can also poll the mail archives if you
do not wish to subscribe.

At this point I would like to point you to the log4j website. Everything
related to security vulnerabilities against log4j 2.x is actually
documented here:


Please do not hesitate to contact d...@logging.apache.org should there be
anything missing or could be improved.

Warm regards,

---------- Forwarded message ---------
From: anchit parmar <anchit.par...@idbiintech.com>
Date: Thu, 20 Jan 2022 at 10:12
Subject: Is Log4j 2.12.4 vulnerable
To: <log4j-user-ow...@logging.apache.org>

Dear Sir,

Request you to please clarify our doubt if log4j 2.12.4 is vulnerable to
following CVE’s

1)      *CVE-2021-45105*

2)      *CVE-2021-45046

3)      *CVE-2021-44228*

Or please suggest a communication mail or medium from where we can clarify
the doubt.

Warm Regards,

Anchit Parmar

Team Lead – Vulnerability Management & Penetration Testing Practice

Information Security Department

IDBI Intech Limited , IDBI Bank Building, Plot No. 39-41, Sector-11,

CBD Belapur, Navi Mumbai – 400 614 .

Cell- 8779522843

Disclaimer: This e-mail contains privileged information or information
belonging to IDBI Intech Ltd and is intended solely for the
addressee/s. Access to this email by anyone else is unauthorized. Any
copying (whole or partial) or further distribution beyond the original
recipient is not intended, and may be unlawful. The recipient
acknowledges that IDBI Intech Ltd is unable to exercise control or
ensure or guarantee the integrity of the contents of the information
contained in e-mail transmissions and further acknowledges that any
views expressed in this message are those of the individual sender and
are not binding on IDBI Intech Ltd. E-mails are susceptible to
alteration and their integrity cannot be guaranteed. IDBI Intech Ltd
does not accept any liability for any damages caused on account of
this e-mail. If you have received this email in error, please contact
the sender and delete the material from your computer.

Dominik Psenner

Reply via email to