Known Vulnerabilities for Reload4j by Qos

Listed below are 5 of the newest known vulnerabilities associated with "Reload4j" by "Qos".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-23307 CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a c... 8.8 - HIGH 2022-01-18 2023-02-24
CVE-2022-23305 By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inser... 9.8 - CRITICAL 2022-01-18 2023-02-24
CVE-2022-23302 JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to... 8.8 - HIGH 2022-01-18 2023-02-24
CVE-2020-9493 A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution. 9.8 - CRITICAL 2021-06-16 2022-04-08
CVE-2020-9488 Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to ... 3.7 - LOW 2020-04-27 2022-05-12

Popular searches for Reload4j

reload4j

reload4j.qos.ch

reload4j L J HInitiated by Ceki Glc, the original author of Apache log4j 1.x, the reload4j Apache log4j version 1.2.17 with the goal of fixing pressing security issues. It is intended as a drop-in replacement for log4j version 1.2.17. The reload4j As mentioned above, the reload4j @ > < project aims to fix the most urgent issues in log4j 1.2.17.

Log4j Common Vulnerabilities and Exposures Vulnerability (computing) Hardening (computing) Fork (software development) Apache License Apache Maven Apache HTTP Server Secure Shell User (computing) JAR (file format) Java version history Source code GitHub Clone (computing) Java (programming language) Security bug Path (computing) Data migration Drop-in replacement

reload4j news

reload4j.qos.ch/news.html

reload4j news QOS 7 5 3.ch announce mailing list. 2021-02-08 - Release of reload4j Fixed test cases so that no folders other than those under the target folder are modified. 2021-02-03 - Release of reload4j 1.2.18.5.

Directory (computing) Manifest file Mailing list Common Vulnerabilities and Exposures OSGi Binary file Reproducible builds Implementation Unit testing Log4j Patch (computing) Hardening (computing) Software versioning Software release life cycle Java version history Java (programming language) Component-based software engineering Package manager Source code Repository (version control)

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report