Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.38 views

Amazon Linux 2022 : log4j, log4j-jcl, log4j-slf4j (ALAS2022-2021-004)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2021-004 advisory. It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non- default configurations. This could allows attackers with control over Thread Context Map MDC inp...

10CVSS7.4AI score0.99999EPSS
Exploits353References3
Tenable Nessus
Tenable Nessus
added 2021/12/27 12:0 a.m.115 views

FreeBSD : OpenSearch -- Log4Shell (b0f49cb9-6736-11ec-9eea-589cfc007716)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b0f49cb9-6736-11ec-9eea-589cfc007716 advisory. - It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain...

10CVSS8.2AI score0.99999EPSS
Exploits353References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/21 9:23 p.m.77 views

Security Bulletin: Apache Log4j Vulnerability Affects IBM Secure External Authentication Server (CVE-2021-45046)

Summary Apache Log4j vulnerability CVE-2021-45046 was addressed by IBM Secure External Authentication Server. Customers are encourages to take action and apply the fix below. Vulnerability Details CVEID: CVE-2021-45046 DESCRIPTION: Apache Log4j could result in remote code execution, caused by an...

10CVSS1.5AI score0.99999EPSS
Exploits353Affected Software1
Mageia
Mageia
added 2021/12/19 12:26 p.m.124 views

Updated log4j packages fix security vulnerability

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map MDC input data when the logging configuration uses a non-default Pattern Layout with either a Context...

9CVSS1.9AI score0.99977EPSS
Exploits40References3
Github Security Blog
Github Security Blog
added 2021/12/16 9:1 p.m.58 views

Critical vulnerability in log4j may affect generated PEAR projects

Impact UIMA PEAR projects that have been generated with the de.averbis.textanalysis:pear-archetype version 2.0.0 have a maven dependency with scope test to log4j 2.8.2 and might be affected by CVE-2021-44228. Patches - The issue has been resolved in de.averbis.textanalysis:pear-archetype version...

10CVSS1.2AI score0.99999EPSS
Exploits351References3Affected Software1
GithubExploit
GithubExploit
added 2021/12/15 4:28 p.m.458 views

Exploit for Expression Language Injection in Apache Log4J

tejas-nagchandi/CVE-2021-45046 Attack !imagehttps://use...

10CVSS10AI score0.99999EPSS
Exploits353
UbuntuCve
UbuntuCve
added 2021/12/14 4:30 p.m.71 views

CVE-2021-45046

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map MDC input data when the logging configuration uses a non-default Pattern Layout with either a Context...

9CVSS7.5AI score0.99977EPSS
Exploits40References7
ATTACKERKB
ATTACKERKB
added 2021/12/14 12:0 a.m.211 views

CVE-2021-45046

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map MDC input data when the logging configuration uses a non-default Pattern Layout with either a Context...

10CVSS9.8AI score0.99999EPSS
In wildExploits353References26
FreeBSD
FreeBSD
added 2021/12/14 12:0 a.m.33 views

OpenSearch -- Log4Shell

OpenSearch reports: CVE-2021-45046 was issued shortly following the release of OpenSearch 1.2.1. This new CVE advises upgrading from Log4j 2.15.0 used in OpenSearch 1.2.1 to Log4j 2.16.0. Out of an abundance of caution, the team is releasing OpenSearch 1.2.2 which includes Log4j 2.16.0. While the...

9CVSS1.6AI score0.99977EPSS
Exploits40References1
Rows per page
Query Builder