Lucene search
+L

3 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 9:56 a.m.15 views

Security Bulletin: There is a vulnerability in log4j-core-2.25.3.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-34477, CVE-2026-34478, CVE-2026-34480)

Summary There is a vulnerability in log4j-core-2.25.3.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-34477 DESCRIPTION: The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed...

7.5CVSS6.5AI score0.0086EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/15 12:0 a.m.202 views

Apache Log4j 2.21.0 < 2.25.4 Rfc5424Layout Log Injection (CVE-2026-34478)

The version of Apache Log4j on the remote host is 2.21.0 through 2.25.3. It is, therefore, affected by a vulnerability: - The Rfc5424Layout is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. The newLineEscape attribute was...

7.5CVSS5.3AI score0.00831EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/10 5:6 p.m.12 views

ch.cern:cerndb-sw-zkpolicy (=1.0.1-21), cloud.metaapi.sdk:metaapi-common-java (>=1.0.0 <=1.0.1) +258 more potentially affected by CVE-2026-34478 via org.apache.logging.log4j:log4j-core (>=3.0.0-beta1 <=3.0.0-beta3)

org.apache.logging.log4j:log4j-core MAVEN version =3.0.0-beta1, =1.0.0, =0.0.2, =00.00.03, =1.0.6, =1.0.7, =1.0.0, =2.0.21, =1.0, =1.0.2 - com.frostphyr:customappender =1.1.0 and more Source cves: CVE-2026-34478 Source advisory: SNYK:JAVA-ORGAPACHELOGGINGLOG4J-15967739...

7.5CVSS6.5AI score0.00831EPSS
Exploits0
Rows per page
Query Builder