10 matches found
ROS-20251105-01
A vulnerability in the Apache Log4cxx C++ logging framework is related to the fact that when using the HTMLLayout, logger names are not properly escaped when written to an HTML file. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive data A vulnerability...
EUVD-2025-25622
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-54813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an...
Apache Log4cxx Input Validation Error Vulnerability (CNVD-2025-20868)
Apache Log4cxx is the United States Apache Apache Foundation of a C + + logging framework patterned on Apache log4j . An input validation error vulnerability exists in Apache Log4cxx versions prior to 1.5.0, which stems from JSONLayout not properly escaping all payload bytes, and can be exploited...
SUSE CVE-2025-54813
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...
Improper Output Neutralization for Logs
Overview Affected versions of this package are vulnerable to Improper Output Neutralization for Logs in the JSONLayout class. An attacker can inject non-printable characters into log messages by supplying specially crafted input, which may cause downstream applications that consume these logs to...
CVE-2025-54813
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...
DEBIAN-CVE-2025-54813
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...
CVE-2025-54813
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...
CVE-2025-54813
CVE-2025-54813 affects Apache Log4cxx prior to 1.5.0, due to improper output neutralization for JSONLayout where certain non‑printable characters in attacker-supplied messages are not escaped, potentially impacting log consumption. Fedora advisory confirms a 1.5.0-1.fc41 update as the fix, and De...