Lucene search
K

26 matches found

RedHat Linux
RedHat Linux
added 2022/02/03 6:51 p.m.3 views

log4j: Unsafe deserialization flaw in Chainsaw log viewer

A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run...

9CVSS7.1AI score0.52458EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/03 6:23 p.m.3 views

log4j: Unsafe deserialization flaw in Chainsaw log viewer

A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run...

9CVSS7.1AI score0.52458EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/03 2:4 p.m.2 views

log4j: Unsafe deserialization flaw in Chainsaw log viewer

A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run...

9CVSS7.1AI score0.52458EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2022/01/18 4:16 p.m.116 views

CVE-2022-23307

A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run...

9CVSS2.3AI score0.52458EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/01/18 3:25 p.m.31 views

CVE-2022-23307 A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists...

9.2AI score0.52458EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/18 12:0 a.m.45 views

Apache Log4j 1.x Multiple Vulnerabilities (Linux/Unix, Jan 2022) - Version Check

Apache Log4j is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:log4j"; ifdescription...

9.8CVSS9AI score0.66537EPSS
Exploits1References3
Rows per page
Query Builder