Lucene search
K

8 matches found

EUVD
EUVD
added 10 hours ago4 views

EUVD-2026-43102

Improper encoding of non-finite floating-point values during MapMessage JSON serialization in Apache Log4j API produces output that is not valid JSON. This issue affects Apache Log4j API versions 2.13.1 through 2.25.4 and version 2.26.0. The fix for CVE-2026-34481 did not cover all code paths: wh...

6.3CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57319

Name of the Vulnerable Software and Affected Versions Apache Log4j API versions 2.13.1 through 2.25.4 Apache Log4j API version 2.26.0 Description Improper encoding of non-finite IEEE 754 floating-point values NaN, Infinity, or -Infinity during MapMessage JSON serialization produces output that is...

6.3CVSS6.1AI score
Exploits0References6
Snyk
Snyk
added 2026/06/17 2:2 p.m.7 views

Improper Validation of Specified Type of Input

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input due to improper validation of the temperature parameter while sampling. An attacker can cause the...

8.7CVSS5.9AI score0.00261EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/11 2:53 p.m.13 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input via the emission of non-finite color values in the content stream. An attacker can cause PDF viewers to reject the content stream, affected page, or entire document by supplying special...

5.3CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 2026/04/10 6:31 p.m.12 views

EUVD-2026-21412

Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. Th...

6.3CVSS5.8AI score0.00555EPSS
Exploits0References7
Snyk
Snyk
added 2026/04/10 5:6 p.m.2 views

Improper Encoding or Escaping of Output

Overview Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output when JsonTemplateLayout logs a MapMessage. An attacker can cause downstream log processing systems to reject or fail to index affected records by supplying non-finite floating-point values such as...

7.7CVSS5.3AI score0.00555EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 4:16 p.m.6 views

CVE-2026-34481

Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. Th...

7.5CVSS0.00555EPSS
Exploits0References6
OSV
OSV
added 2026/04/10 4:16 p.m.12 views

UBUNTU-CVE-2026-34481

Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. Th...

7.5CVSS5.8AI score0.00555EPSS
Exploits0References8
Rows per page
Query Builder