2 matches found
MGASA-2023-0141 Updated davmail packages fix security vulnerability
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1...
PT-2022-7038
Name of the Vulnerable Software and Affected Versions: Log4j versions 1.2.x
Description: The issue is related to the JDBCAppender in Log4j, which accepts an SQL statement as a configuration parameter. This allows attackers to manipulate the SQL by entering crafted strings into input fields or heade...