Package impact
Maven / org.zenframework.z8.dependencies.commons:log4j-1.2.17
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2022-23305 | critical | 9.8 | 9.8 | 4y ago | SQL Injection in Log4j 1.2.x | |
| CVE-2019-17571 | critical | 9.8 | 9.8 | 7y ago | Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization ga… |