Package impact
Maven / org.apache.logging.log4j:log4j
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2017-5645 | critical | 9.8 | 9.8 | 9y ago | Deserialization of Untrusted Data in Log4j | |
| CVE-2020-9488 | unknown | — | — | 6y ago | Improper validation of certificate with host mismatch in Apache Log4j SMTP appender |