Lucene search
K

4 matches found

EUVD
EUVD
added 10 hours ago4 views

EUVD-2026-43102

Improper encoding of non-finite floating-point values during MapMessage JSON serialization in Apache Log4j API produces output that is not valid JSON. This issue affects Apache Log4j API versions 2.13.1 through 2.25.4 and version 2.26.0. The fix for CVE-2026-34481 did not cover all code paths: wh...

6.3CVSS6.1AI score
Exploits0References5
CVE
CVE
added yesterday4 views

CVE-2026-49844

CVE-2026-49844 describes an issue in the Apache Log4j API where MapMessage.asJson() can emit non-finite IEEE 754 values (NaN, Infinity, -Infinity) as bare tokens during JSON serialization. This affects Log4j API versions 2.13.1–2.25.4 and 2.26.0. The fault occurs when a MapMessage contains an att...

6.3CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57319

Name of the Vulnerable Software and Affected Versions Apache Log4j API versions 2.13.1 through 2.25.4 Apache Log4j API version 2.26.0 Description Improper encoding of non-finite IEEE 754 floating-point values NaN, Infinity, or -Infinity during MapMessage JSON serialization produces output that is...

6.3CVSS6.1AI score
Exploits0References6
Snyk
Snyk
added 2026/04/10 5:6 p.m.2 views

Improper Encoding or Escaping of Output

Overview Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output when JsonTemplateLayout logs a MapMessage. An attacker can cause downstream log processing systems to reject or fail to index affected records by supplying non-finite floating-point values such as...

7.7CVSS5.3AI score0.00555EPSS
Exploits0References2
Rows per page
Query Builder