Lucene search
OracleLinuxELSA-2022-9419HistoryMay 23, 2022 - 12:00 a.m.
log4j security update
2022-05-2300:00:00
linux.oracle.com
52
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
[0:1.2.14-6.4.2]
- Fix CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2017-5645
- [Orabug: 33868008]
[0:1.2.14-6.4.1] - Fix remote code execution vulnerability
- Resolves: CVE-2021-4104 [Orabug: 33689748]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 6 | src | log4j | <Β 1.2.14-6.4.2.el6_10 | log4j-1.2.14-6.4.2.el6_10.src.rpm |
| oracle linux | 6 | i686 | log4j | <Β 1.2.14-6.4.2.el6_10 | log4j-1.2.14-6.4.2.el6_10.i686.rpm |
| oracle linux | 6 | i686 | log4j-javadoc | <Β 1.2.14-6.4.2.el6_10 | log4j-javadoc-1.2.14-6.4.2.el6_10.i686.rpm |
| oracle linux | 6 | i686 | log4j-manual | <Β 1.2.14-6.4.2.el6_10 | log4j-manual-1.2.14-6.4.2.el6_10.i686.rpm |
| oracle linux | 6 | src | log4j | <Β 1.2.14-6.4.2.el6_10 | log4j-1.2.14-6.4.2.el6_10.src.rpm |
| oracle linux | 6 | x86_64 | log4j | <Β 1.2.14-6.4.2.el6_10 | log4j-1.2.14-6.4.2.el6_10.x86_64.rpm |
| oracle linux | 6 | x86_64 | log4j-javadoc | <Β 1.2.14-6.4.2.el6_10 | log4j-javadoc-1.2.14-6.4.2.el6_10.x86_64.rpm |
| oracle linux | 6 | x86_64 | log4j-manual | <Β 1.2.14-6.4.2.el6_10 | log4j-manual-1.2.14-6.4.2.el6_10.x86_64.rpm |
Related
nessus
nessus
CentOS 7 : log4j (CESA-2022:0442)
2022-02-08 00:00:00
RHEL 7 : rh-maven36-log4j12 (RHSA-2022:0439)
2022-02-04 00:00:00
RHEL 6 / 7 : log4j (RHSA-2022:0442)
2022-02-08 00:00:00
amazon
amazon
Important: log4j
2023-03-30 22:50:00
Important: log4j
2022-02-15 22:54:00
openvas
openvas
CentOS: Security Advisory for log4j (CESA-2022:0442)
2022-02-09 00:00:00
openSUSE: Security Advisory for log4j12 (openSUSE-SU-2022:0226-1)
2022-02-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0214-1)
2022-01-28 00:00:00
redhat
redhat
(RHSA-2022:0439) Important: rh-maven36-log4j12 security update
2022-02-03 18:49:50
(RHSA-2022:0442) Important: log4j security update
2022-02-07 09:41:50
oraclelinux
oraclelinux
log4j security update
2022-02-08 00:00:00
parfait:0.5 security update
2022-01-27 00:00:00
log4j security update
2017-08-09 00:00:00
suse
suse
Security update for log4j (important)
2022-01-27 00:00:00
Security update for log4j12 (important)
2022-01-28 00:00:00
Security update for kafka (important)
2022-02-16 00:00:00
centos
centos
log4j security update
2022-02-07 16:47:44
almalinux
almalinux
Important: parfait:0.5 security update
2022-01-26 14:27:19
ubuntu
ubuntu
Apache Log4j vulnerabilities
2023-04-05 00:00:00
atlassian
atlassian
osv
osv
apache-log4j1.2 - security update
2022-01-31 00:00:00
apache-log4j1.2 vulnerabilities
2023-04-05 21:26:34
Important: parfait:0.5 security update
2022-01-26 14:27:19
debian
debian
[SECURITY] [DLA 2905-1] apache-log4j1.2 security update
2022-01-31 14:24:44
rocky
rocky
parfait:0.5 security update
2022-01-26 14:27:19
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-23307, CVE-2022-23302
2022-02-10 13:49:32
fedora
fedora
[SECURITY] Fedora 26 Update: log4j-2.7-4.fc26
2017-05-02 15:59:49
[SECURITY] Fedora 24 Update: log4j12-1.2.17-19.fc24
2017-06-12 19:29:11
[SECURITY] Fedora 24 Update: log4j-2.5-3.fc24
2017-05-04 18:26:42
checkpoint_advisories
checkpoint_advisories
Apache Log4j Remote Code Execution (CVE-2017-5645)
2022-01-02 00:00:00
cve
cve
CVE-2017-5645
2017-04-17 21:59:00
CVE-2022-23305
2022-01-18 16:15:00
f5
f5
K23173103 : log4j vulnerability CVE-2017-5645
2018-01-31 00:00:00
K34002344 : Overview of Log4j vulnerabilities (2021 and 2022)
2022-02-01 00:00:00
K97120268 : Apache Log4j SQL injection vulnerability CVE-2022-23305
2022-01-31 00:00:00
ubuntucve
ubuntucve
CVE-2017-5645
2017-04-17 00:00:00
CVE-2022-23305
2022-01-18 00:00:00
debiancve
debiancve
CVE-2017-5645
2017-04-17 21:59:00
CVE-2022-23305
2022-01-18 16:15:00
github
github
Deserialization of Untrusted Data in Log4j
2020-01-06 18:43:38
seebug
seebug
Apache Log4j socket receiver deserialization vulnerability (CVE-2017-5645)
2017-04-18 00:00:00
symantec
symantec
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
2017-04-17 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 09:17:41
Remote Code Execution (RCE)
2022-01-19 04:24:50
SQL Injection
2022-01-19 12:47:45
prion
prion
Code injection
2017-04-17 21:59:00
myhack58
myhack58
mageia
mageia
Updated davmail packages fix security vulnerability
2023-04-15 22:03:44
gentoo
gentoo
Apache Log4j: Multiple Vulnerabilities
2024-02-18 00:00:00
cnvd
cnvd
Apache log4j Chainsaw deserialization code execution vulnerability
2022-01-20 00:00:00
Apache log4j JMSSink deserialization code execution vulnerability
2022-01-20 00:00:00
redhatcve
redhatcve
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
Related for ELSA-2022-9419