{ "id": "CVE-2021-4104", "sourceIdentifier": "security@apache.org", "published": "2021-12-14T12:15:12.200", "lastModified": "2024-11-21T06:36:54.560", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions." }, { "lang": "es", "value": "JMSAppender en Log4j versi\u00f3n 1.2 es vulnerable a una deserializaci\u00f3n de datos no confiables cuando el atacante presenta acceso de escritura a la configuraci\u00f3n de Log4j. El atacante puede proporcionar configuraciones TopicBindingName y TopicConnectionFactoryBindingName haciendo que JMSAppender realice peticiones JNDI que resulten en la ejecuci\u00f3n de c\u00f3digo remota de forma similar a CVE-2021-44228. Tenga en cuenta que este problema s\u00f3lo afecta a Log4j versi\u00f3n 1.2 cuando es configurado espec\u00edficamente para usar JMSAppender, que no es el predeterminado. Apache Log4j versi\u00f3n 1.2 lleg\u00f3 al final de su vida \u00fatil en agosto de 2015. Los usuarios deber\u00edan actualizar a Log4j 2 ya que aborda otros numerosos problemas de las versiones anteriores" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.6, "impactScore": 5.9 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "baseScore": 6.0, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 6.8, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "security@apache.org", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-502" } ] }, { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-502" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:apache:log4j:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "2954BDA9-F03D-44AC-A9EA-3E89036EEFA8" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:codeready_studio:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "1BAF877F-B8D5-4313-AC5C-26BB82006B30" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*", "matchCriteriaId": "B87C8AD3-8878-4546-86C2-BF411876648C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:integration_camel_quarkus:-:*:*:*:*:*:*:*", "matchCriteriaId": "F039C746-2001-4EE5-835F-49607A94F12B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C4404A-CFB7-4B47-9487-F998825C31CA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*", "matchCriteriaId": "A58966CB-36AF-4E64-AB39-BE3A0753E155" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_a-mq_streaming:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C7257E5-B4A7-4299-8FE1-A94121E47528" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD354E32-A8B0-484C-B4C6-9FBCD3430D2D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5CDDAFDB-E67A-4795-B2C4-C2D31734ABC8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "88BF3B2C-B121-483A-AEF2-8082F6DA5310" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A305F012-544E-4245-9D69-1C8CD37748B1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B40CCE4F-EA2C-453D-BB76-6388767E5C6D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B78438D-1321-4BF4-AEB1-DAF60D589530" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C077D692-150C-4AE9-8C0B-7A3EA5EB1100" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "54EB07A0-FB38-4F17-9C8D-DB629967F07B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:*", "matchCriteriaId": "A33441B3-B301-426C-A976-08CE5FE72EFB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "6B62E762-2878-455A-93C9-A5DB430D7BB5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "14CF53D2-B585-4EA5-8F18-21BC9ECBB4B6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "91B493F0-5542-49F7-AAAE-E6CA6E468D7B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "20A6B40D-F991-4712-8E30-5FE008505CB7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", "matchCriteriaId": "749804DA-4B27-492A-9ABA-6BB562A6B3AC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:advanced_supply_chain_planning:12.1:*:*:*:*:*:*:*", "matchCriteriaId": "A62E2A25-1AD7-4B4B-9D1B-F0DEA4550557" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:advanced_supply_chain_planning:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "0331158C-BBE0-42DB-8180-EB1FCD290567" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*", "matchCriteriaId": "B602F9E8-1580-436C-A26D-6E6F8121A583" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*", "matchCriteriaId": "77C3DD16-1D81-40E1-B312-50FBD275507C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*", "matchCriteriaId": "81DAC8C0-D342-44B5-9432-6B88D389584F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E869C417-C0E6-4FC3-B406-45598A1D1906" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C68536CA-C7E2-4228-A6B8-F0DB6A9D29EC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "E1214FDF-357A-4BB9-BADE-50FB2BD16D10" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "B21E6EEF-2AB7-4E96-B092-1F49D11B4175" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*", "versionEndExcluding": "12.0.0.4.0", "matchCriteriaId": "28CDCE04-B074-4D7A-B6E4-48193458C9A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "5933FEA2-B79E-4EE7-B821-54D676B45734" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "0D299528-8EF0-49AF-9BDE-4B6C6B1DA36C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "17A91FD9-9F77-42D3-A4D9-48BC7568ADE1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7637F8B-15F1-42E2-BE18-E1FF7C66587D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E43D793A-7756-4D58-A8ED-72DC4EC9CEA7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:e-business_suite_cloud_manager_and_cloud_backup_module:2.2.1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "6ED0EE39-C080-4E75-AE0F-3859B57EF851" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6E8758C8-87D3-450A-878B-86CE8C9FC140" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "054B56E0-F11B-4939-B7E1-E722C67A041A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "250A493C-E052-4978-ABBE-786DC8038448" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2E2B771B-230A-4811-94D7-065C2722E428" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:fusion_middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F17531CB-DE8A-4ACD-93A0-6A5A8481D51B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:goldengate:-:*:*:*:*:*:*:*", "matchCriteriaId": "507E7AEE-C2FC-4EED-B0F7-5E41642C0BF7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:healthcare_data_repository:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "66C673C4-A825-46C0-816B-103E1C058D03" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:hyperion_data_relationship_management:*:*:*:*:*:*:*:*", "versionEndExcluding": "11.2.8.0", "matchCriteriaId": "E8E7FBA9-0FFF-4C86-B151-28C17A142E0B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:hyperion_infrastructure_technology:*:*:*:*:*:*:*:*", "versionEndExcluding": "11.2.8.0", "matchCriteriaId": "55BBCD48-BCC6-4E19-A4CE-970E524B9FF4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1489DDA7-EDBE-404C-B48D-F0B52B741708" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:identity_management_suite:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "535BC19C-21A1-48E3-8CC0-B276BA5D494E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "228DA523-4D6D-48C5-BDB0-DB1A60F23F8B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "versionEndIncluding": "8.0.29", "matchCriteriaId": "B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_allocation:14.1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "51E83F05-B691-4450-BCA9-32209AEC4F6A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_allocation:15.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "288235F9-2F9E-469A-BE14-9089D0782875" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_allocation:16.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6672F9C1-DA04-47F1-B699-C171511ACE38" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_allocation:19.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "11E57939-A543-44F7-942A-88690E39EABA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "30501D23-5044-477A-8DC3-7610126AEFD7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:stream_analytics:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B45A731-11D1-433B-B202-9C8D67C609F9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:timesten_grid:-:*:*:*:*:*:*:*", "matchCriteriaId": "900D9DBF-8071-4CE5-A67A-9E0C00D04B87" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:tuxedo:12.2.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EB7D0A30-3986-49AB-B7F3-DAE0024504BA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3ED272C-A545-4F8C-86C0-2736B3F2DCAF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C5B4C338-11E1-4235-9D5A-960B2711AC39" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "8C93F84E-9680-44EF-8656-D27440B51698" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752" } ] } ] } ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2022/01/18/3", "source": "security@apache.org" }, { "url": "https://access.redhat.com/security/cve/CVE-2021-4104", "source": "security@apache.org" }, { "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", "source": "security@apache.org" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033", "source": "security@apache.org" }, { "url": "https://security.gentoo.org/glsa/202209-02", "source": "security@apache.org" }, { "url": "https://security.gentoo.org/glsa/202310-16", "source": "security@apache.org" }, { "url": "https://security.gentoo.org/glsa/202312-02", "source": "security@apache.org" }, { "url": "https://security.gentoo.org/glsa/202312-04", "source": "security@apache.org" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0007/", "source": "security@apache.org" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "source": "security@apache.org" }, { "url": "https://www.kb.cert.org/vuls/id/930724", "source": "security@apache.org" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "source": "security@apache.org" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html", "source": "security@apache.org" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html", "source": "security@apache.org" }, { "url": "http://www.openwall.com/lists/oss-security/2022/01/18/3", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://access.redhat.com/security/cve/CVE-2021-4104", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://security.gentoo.org/glsa/202209-02", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://security.gentoo.org/glsa/202310-16", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://security.gentoo.org/glsa/202312-02", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://security.gentoo.org/glsa/202312-04", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0007/", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://www.kb.cert.org/vuls/id/930724", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }