VIR Vulnerability Intelligence Relay

Package impact

java Maven / log4j:log4j

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-23305 critical 9.8 9.8 4y ago SQL Injection in Log4j 1.2.x debiansuserockylinuxjava+3
CVE-2019-17571 critical 9.8 9.8 7y ago Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization ga… debiansuseubuntujava+2
CVE-2023-26464 unknown 3y ago Apache Log4j 1.x (EOL) allows Denial of Service (DoS) debianjava