Lucene search
K

12 matches found

vulnersOsv
vulnersOsv
added 2022/01/04 4:14 p.m.3 views

com.savoirtech.aetos:aetos (>=4.2.0.1 <=4.2.1), org.apache.cxf.karaf:apache-cxf (>=3.4.6 <=3.4.10) +14 more potentially affected by CVE-2021-44832 via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.11.10 <=1.11.12)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.11.10, =4.2.0.1, =3.4.6, =4.2.13, =4.2.13, =4.2.13, =4.2.13, =4.2.13, =4.2.13, =4.2.13, =4.2.13, =4.2.13, =4.2.13, =4.2.13, =1.11.10, =1.11.10, =1.11.12 and more Source cves: CVE-2021-44832 Source advisory: OSV:GHSA-8489-44MV-GGJ8...

8.5CVSS7.1AI score0.97906EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2022/01/04 4:14 p.m.5 views

ca.uhn.hapi.fhir.karaf:hapi-fhir (>=3.3.0 <=3.7.0), com.esri.geoevent.sdk:geoevent-sdk (>=10.7.1 <=10.8.1) +118 more potentially affected by CVE-2021-44832 via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.10.0 <=1.10.8)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.10.0, =3.3.0, =10.7.1, =2.0.1, =1.2.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.61.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.24.01 and more Source cves: CVE-2021-44832 Source advisory: OSV:GHSA-8489-44MV-GGJ8...

8.5CVSS7.1AI score0.97906EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2022/01/04 4:14 p.m.9 views

hu.blackbelt.osgi.filestore:features (>=1.2.1 <=1.3.0), hu.blackbelt.osgi.filestore:kar (>=1.2.1 <=1.3.0) +40 more potentially affected by CVE-2021-44832 via org.ops4j.pax.logging:pax-logging-log4j2 (>=2.0.0 <=2.0.13)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =2.0.0, =1.2.1, =1.2.1, =1.0.12, =1.0.12, =2.14.2, =2.19.0, =3.12.0, =3.12.0, =3.5.0, =4.3.3, =4.3.3, =4.3.3, =4.3.3, =4.3.3, =4.3.3, =4.3.5 and more Source cves: CVE-2021-44832 Source advisory: OSV:GHSA-8489-44MV-GGJ8...

8.5CVSS7.1AI score0.97906EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2021/12/18 6:0 p.m.5 views

com.savoirtech.aetos:aetos (>=4.2.0.1 <=4.2.1), org.apache.karaf.examples:karaf-docker-example-dynamic-dist (=4.2.13) +13 more potentially affected by CVE-2021-45105 via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.11.10 <=1.11.11)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.11.10, =4.2.0.1, =1.11.10, =1.11.10, =1.11.10, =1.11.11 Source cves: CVE-2021-45105 Source advisory: OSV:GHSA-P6XC-XR62-6R2G...

5.9CVSS7AI score0.99999EPSS
Exploits20
vulnersOsv
vulnersOsv
added 2021/12/18 6:0 p.m.6 views

hu.blackbelt.osgi.filestore:features (>=1.2.1 <=1.3.0), hu.blackbelt.osgi.filestore:kar (>=1.2.1 <=1.3.0) +40 more potentially affected by CVE-2021-45105 via org.ops4j.pax.logging:pax-logging-log4j2 (>=2.0.0 <=2.0.12)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =2.0.0, =1.2.1, =1.2.1, =1.0.12, =1.0.12, =2.14.2, =2.19.0, =3.12.0, =3.12.0, =4.3.3, =4.3.3, =4.3.3, =4.3.3, =4.3.3, =4.3.3, =4.3.4 and more Source cves: CVE-2021-45105 Source advisory: OSV:GHSA-P6XC-XR62-6R2G...

5.9CVSS7AI score0.99999EPSS
Exploits20
vulnersOsv
vulnersOsv
added 2021/12/18 6:0 p.m.6 views

ca.uhn.hapi.fhir.karaf:hapi-fhir (>=3.3.0 <=3.7.0), com.esri.geoevent.sdk:geoevent-sdk (>=10.7.1 <=10.8.1) +118 more potentially affected by CVE-2021-45105 via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.10.0 <=1.10.8)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.10.0, =3.3.0, =10.7.1, =2.0.1, =1.2.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.61.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.24.01 and more Source cves: CVE-2021-45105 Source advisory: OSV:GHSA-P6XC-XR62-6R2G...

5.9CVSS7AI score0.99999EPSS
Exploits20
vulnersOsv
vulnersOsv
added 2021/12/14 6:1 p.m.5 views

org.ops4j.pax.logging:pax-logging-log4j2-extra (=1.11.10), org.ops4j.pax.logging:pax-logging-sample-fragment-log4j2 (=1.11.10) +1 more potentially affected by CVE-2021-44228 +1 more via org.ops4j.pax.logging:pax-logging-log4j2 (=1.11.10)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.11.10 is affected by a known vulnerability. The following packages have a transitive dependency on org.ops4j.pax.logging:pax-logging-log4j2 and may be impacted: - org.ops4j.pax.logging:pax-logging-log4j2-extra =1.11.10 -...

10CVSS7AI score0.99999EPSS
Exploits354
vulnersOsv
vulnersOsv
added 2021/12/14 6:1 p.m.5 views

ca.uhn.hapi.fhir.karaf:hapi-fhir (>=3.3.0 <=3.7.0), com.esri.geoevent.sdk:geoevent-sdk (>=10.7.1 <=10.8.1) +118 more potentially affected by CVE-2021-44228 +1 more via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.10.0 <=1.10.7)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.10.0, =3.3.0, =10.7.1, =2.0.1, =1.2.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.61.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.24.01 and more Source cves: CVE-2021-44228, CVE-2021-45046 Source advisory: OSV:GHSA-7RJR-3Q55-VV33...

10CVSS7AI score0.99999EPSS
Exploits354
OSV
OSV
added 2021/12/10 8:15 p.m.1 views

GHSA-XXFH-X98P-J8FR Remote code injection in Log4j (through pax-logging-log4j2)

Impact Remote Code Execution. Patches Users of pax-logging 1.11.9 should update to 1.11.10. Users of pax-logging 2.0.10 should update to 2.0.11. Workarounds Set system property -Dlog4j2.formatMsgNoLookups=true References https://github.com/advisories/GHSA-jfh8-c2jp-5v3q...

5.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/12/10 8:15 p.m.68 views

Remote code injection in Log4j (through pax-logging-log4j2)

Impact Remote Code Execution. Patches Users of pax-logging 1.11.9 should update to 1.11.10. Users of pax-logging 2.0.10 should update to 2.0.11. Workarounds Set system property -Dlog4j2.formatMsgNoLookups=true References https://github.com/advisories/GHSA-jfh8-c2jp-5v3q...

3.3AI score
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2021/12/10 12:40 a.m.6 views

hu.blackbelt.osgi.filestore:features (>=1.2.1 <=1.3.0), hu.blackbelt.osgi.filestore:kar (>=1.2.1 <=1.3.0) +40 more potentially affected by CVE-2021-44228 via org.ops4j.pax.logging:pax-logging-log4j2 (>=2.0.0 <=2.0.10)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =2.0.0, =1.2.1, =1.2.1, =1.0.12, =1.0.12, =2.14.2, =2.19.0, =3.12.0, =3.12.0, =3.14.0 - org.apache.cxf.karaf:apache-cxf =3.5.0 - org.apache.karaf.examples:karaf-docker-example-dynamic-dist =4.3.3 - org.apache.karaf.features:enterprise =4.3.3 ...

10CVSS7AI score0.99999EPSS
Exploits352
vulnersOsv
vulnersOsv
added 2021/12/10 12:40 a.m.11 views

ca.uhn.hapi.fhir.karaf:hapi-fhir (>=3.3.0 <=3.7.0), com.esri.geoevent.sdk:geoevent-sdk (>=10.7.1 <=10.8.1) +118 more potentially affected by CVE-2021-44228 via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.10.0 <=1.10.7)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.10.0, =3.3.0, =10.7.1, =2.0.1, =1.2.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.61.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.24.01 and more Source cves: CVE-2021-44228 Source advisory: OSV:GHSA-JFH8-C2JP-5V3Q...

10CVSS7AI score0.99999EPSS
Exploits352
Rows per page
Query Builder