{
    "affected": [
        {
            "package": {
                "ecosystem": "Debian:8",
                "name": "apache-log4j1.2",
                "purl": "pkg:deb/debian/apache-log4j1.2?distro=jessie&repository_url=http%3A%2F%2Fdeb.freexian.com%2Fextended-lts"
            },
            "ranges": {
                "events": [
                    {
                        "fixed": "1.2.17-5+deb8u2"
                    }
                ],
                "type": "ECOSYSTEM"
            }
        }
    ],
    "database_specific": {
        "type": "security update"
    },
    "id": "ELA-557-1",
    "modified": "2022-02-01T00:00:00Z",
    "references": [
        {
            "type": "ADVISORY",
            "url": "https://deb.freexian.com/extended-lts/tracker/ELA-557-1"
        },
        {
            "type": "ADVISORY",
            "url": "https://deb.freexian.com/extended-lts/tracker/CVE-2021-4104"
        },
        {
            "type": "ADVISORY",
            "url": "https://deb.freexian.com/extended-lts/tracker/CVE-2022-23302"
        },
        {
            "type": "ADVISORY",
            "url": "https://deb.freexian.com/extended-lts/tracker/CVE-2022-23305"
        },
        {
            "type": "ADVISORY",
            "url": "https://deb.freexian.com/extended-lts/tracker/CVE-2022-23307"
        }
    ],
    "related": [
        "CVE-2021-4104",
        "CVE-2022-23302",
        "CVE-2022-23305",
        "CVE-2022-23307"
    ]
}