My Oracle Support Banner

Security Alert CVE-2021-45046 CVE-2021-44228 CVE-2021-44832 CVE-2021-45105 Patch Availability Document for SQL Developer and SQL Developer Data Modeler (Doc ID 2828123.1)

Last updated on APRIL 11, 2024

Applies to:

Oracle SQL Developer Data Modeler
Oracle Database
Oracle Fusion Middleware
Oracle SQL Developer
Information in this document applies to any platform.

Purpose

 This document provides solution/patch associated with Apache Log4j 1.x and 2.x Vulnerabilities related to SQL Developer.
    Log4j 2.x :CVE-2021-45046, CVE-2021-44228, CVE-2021-44832, CVE-2021-45105
    Log4j 1.x :CVE-2021-4104, CVE-2022-23302 and CVE-2022-23305

 Refer to Apache Log4j 2 vulnerability described in Security Alert CVE-2021-44228 for more details.

 Last Update Date: 15-Feb-22

Scope

This document applies to Oracle Standalone SQL Developer/ SQL Developer Data Modeler and also those included with Fusion Middleware Install, Oracle Database and Oracle database client.

Review the following to determine the impact and considerations for all Oracle products:

Doc ID 2827611.1 Impact of December 2021 Apache Log4j Vulnerabilities on Oracle Products and Services (CVE-2021-44228, CVE-2021-45046)

 

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Purpose
Scope
 This document applies to Oracle Standalone SQL Developer/ SQL Developer Data Modeler and also those included with Fusion Middleware Install, Oracle Database and Oracle database client.

Review the following to determine the impact and considerations for all Oracle products:
Details
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.