16 matches found
Astra Linux – Vulnerability in Apache Log4j2
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not prevent uncontrolled recursion from self-referential lookups. This allowed an attacker with control over the Thread Context Map data to cause a denial of service when a crafted string was interpreted. This issue w...
Unity Linux 20.1070e Security Update: HikariCP (UTSA-2026-016726)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016726 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016702)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016702 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016696)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016696 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1060e / 20.1070e Security Update: avalon-logkit (UTSA-2026-016681)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016681 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: datanucleus-rdbms (UTSA-2026-016721)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016721 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016713)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016713 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1060e / 20.1070e Security Update: wildfly-elytron (UTSA-2026-016677)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016677 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1060e / 20.1070e Security Update: wildfly-security-manager (UTSA-2026-016673)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016673 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1060e / 20.1070e Security Update: mybatis (UTSA-2026-016669)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016669 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
SUSE CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...
Debian DLA-2852-1 : apache-log4j2 - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2852 advisory. Several security vulnerabilities were found in Apache Log4j2, a Logging Framework for Java, which could lead to a denial of service or information disclosure...
UBUNTU-CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...
GHSA-P6XC-XR62-6R2G Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in...
DEBIAN-CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...
CVE-2021-45105 Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...