QID 198613

Date Published: 2021-12-20

QID 198613: Ubuntu Security Notification for Apache Log4j 2 Vulnerability (USN-5203-1)

Apache log4j 2 did notprotect against infinite recursion in lookup evaluation.

A remote attackercould possibly use this issue to cause apache log4j 2 to crash, leading toa denial of service.

  • CVSS V3 rated as Medium - 5.9 severity.
  • CVSS V2 rated as Medium - 4.3 severity.
  • Solution
    Refer to Ubuntu security advisory USN-5203-1 for updates and patch information.
    Vendor References

    CVEs related to QID 198613

    Software Advisories
    Advisory ID Software Component Link
    USN-5203-1 Ubuntu Linux URL Logo ubuntu.com/security/notices/USN-5203-1