My Oracle Support Banner

Apache log4j Security Alert for SQL Developer Packaged with Oracle Forms/Reports 12c (Doc ID 2848999.1)

Last updated on APRIL 12, 2024

Applies to:

Oracle Forms - Version 12.2.1.0.0 to 12.2.1.4.0 [Release 12c to 12.2]
Oracle Reports Developer - Version 12.2.1.0.0 to 12.2.1.4.0 [Release 12c to 12.2]
Information in this document applies to any platform.

Purpose

 This document provides solution/patch associated with Apache Log4j 1.x and 2.x Vulnerabilities related to SQL Developer that comes prepackaged with the Oracle Forms/Reports 12.2.x installation.
  

Log4j 2.x :CVE-2021-45046, CVE-2021-44228, CVE-2021-44832, CVE-2021-45105
Log4j 1.x :CVE-2021-4104, CVE-2022-23302 and CVE-2022-23305

 
 Refer to Apache Log4j 2 vulnerability described in Security Alert CVE-2021-44228 for more details.

Scope

 This document applies to Oracle SQL Developer that comes prepackaged with the Oracle Forms/Reports 12.2.x installation.

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Scope
Details
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.