GHSA-VC5P-V9HR-52MJ Apache Log4j does not verify the TLS hostname in its Socket Appender

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName configuration attribute or the log4j2.sslVerifyHostName system property is set to true. This issue may allow a...

Apache Log4j does not verify the TLS hostname in its Socket Appender

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName configuration attribute or the log4j2.sslVerifyHostName system property is set to true. This issue may allow a...

CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

DEBIAN-CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

AZL-72851 CVE-2025-59529 affecting package avahi 0.8-5

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

UBUNTU-CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

UBUNTU-CVE-2025-59529

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

CVE-2025-68161 Apache Log4j Core: Missing TLS hostname verification in Socket appender

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

CVE-2025-68161 Apache Log4j Core: Missing TLS hostname verification in Socket appender

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

CVE-2025-68161

CVE-2025-68161 affects Apache Log4j Core Socket Appender (versions 2.0-beta9–2.25.2). Root cause: TLS hostname verification is not performed for peer certificates when configured via verifyHostName or the log4j2.sslVerifyHostName setting. Impact: potential MITM interception/redirection of log tra...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the serverwork function. An attacker can exhaust system memory and file descriptors even when CLIENTSMAX is defined by establishing numerous local connections, leading to increased...

EUVD-2025-204402

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

SUSE CVE-2025-68305

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

PT-2025-52349

Name of the Vulnerable Software and Affected Versions Apache Log4j Core versions 2.0-beta9 through 2.25.2 Description The Socket Appender in Apache Log4j Core does not verify the hostname of the peer certificate during TLS connections, even when configured to do so. This could allow a...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991279)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991279 advisory. In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's skwq in skstreamwaitmemory Fixes the below NULL pointer...

openSUSE 15 Security Update : python39 (SUSE-SU-2025:4433-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4433-1 advisory. Update to 3.9.25: - Security - gh-137836: Add support of the plaintext element, RAWTEXT elements xmp, iframe, noembed and noframes, and optionally RAWTEXT...

CVE-2025-12689 DoS in Calls plugin via malformed UTF-8 in WebSocket request

Mattermost versions 11.0.x = 11.0.4, 10.12.x = 10.12.2, 10.11.x = 10.11.6 fail to check WebSocket request field for proper UTF-8 format, which allows attacker to crash Calls plug-in via sending malformed request...