Products
CVE-2021-44228
CVE-2021-45046
CVE-2021-45105
CVE-2021-44832
Disclaimer
OSLC Connect for Jira does not ship Log4j. We rely on the Log4j provided by Atlassian in Jira. Atlassian confirmed they suffer a very limited impact, since they bundle Log4j 1.2. from both CVE-2021-44228 and CVE-2021-45046.
Steps to confirm and mitigate should be applied from the above mentioned article.
Last, and as mentioned on the Log4j website for CVE-2021-45105 as well as CVE-2021-44832, these are not affecting the 1.x branch of Log4j.