Fix affected_range version to match apache and nist CVE-2021-45046
Looking at Apache's security fix page, this vulnerability was actually fixed in 2.16.0 not 2.17.0. https://logging.apache.org/log4j/2.x/security.html
NIST also has this as fixed in 2.16.0
https://nvd.nist.gov/vuln/detail/CVE-2021-45046
Many thanks!