My Oracle Support Banner

General impact of Apache Log4j vulnerabilities on Oracle Products and Services (Doc ID 2847142.1)

Last updated on OCTOBER 19, 2022

Applies to:

Support Tools > My Oracle Support > My Oracle Support
Information in this document applies to any platform.



A number of additional vulnerabilities affecting various versions of Apache Log4J have been disclosed after the publication of Oracle Security Alert CVE-2021-44228 related to the disclosure of vulnerabilities CVE-2021-44228 and subsequently CVE-2021-45046.  For more information, see MOS Note ID 2827611.1


In addition to vulnerabilities CVE-2021-44228 and CVE-2021-45046, the newly disclosed Apache Log4j vulnerabilities include:



The purpose of this document is to explain Oracle’s security vulnerability remediation practices in the context of these newly disclosed Apache Log4j vulnerabilities.



 This document applies to all Oracle products and Oracle cloud services.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.