Download
| Alert*
oval:org.secpod.oval:def:112330
log4j is installed oval:org.secpod.oval:def:121341 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:121394 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:121393 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:121348 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:121313 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:121371 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:121373 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:112329 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:89050494 This update for log4j fixes the following issues: - CVE-2019-17571: Fixed a remote code execution by deserialization of untrusted data in SocketServer . oval:org.secpod.oval:def:507002 Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: * log4j: deserialization of untrusted data in SocketServer For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer ... oval:org.secpod.oval:def:502118 Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specia ... oval:org.secpod.oval:def:1505735 [0:1.2.14-6.4.2] - Fix CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2017-5645 - [Orabug: 33868008] [0:1.2.14-6.4.1] - Fix remote code execution vulnerability - Resolves: CVE-2021-4104 [Orabug: 33689748] oval:org.secpod.oval:def:1505418 [0:1.2.14-6.4.1] - Fix remote code execution vulnerability - Resolves: CVE-2021-4104 [Orabug: 33689748] oval:org.secpod.oval:def:205925 Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: * log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender For more details about the security issue, including the impact, a CVSS score, acknowledgments, an ... oval:org.secpod.oval:def:112331 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:204601 Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specia ... oval:org.secpod.oval:def:3300464 SUSE Security Update: Security update for log4j oval:org.secpod.oval:def:1501981 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:97596 [CLSA-2022:1642429400] Fixed CVE-2021-4104 in log4j oval:org.secpod.oval:def:97601 [CLSA-2022:1643918500] Fixed CVE-2022-23305 in log4j oval:org.secpod.oval:def:97602 [CLSA-2022:1644500972] Fixed CVEs in log4j: CVE-2022-23302, CVE-2022-23307 oval:org.secpod.oval:def:97647 [CLSA-2022:1655843011] Fixed CVE-2019-17571 in log4j oval:org.secpod.oval:def:1700806 A flaw was found in the Java logging library Apache Log4j in version 1.x . This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender. This flaw has been filed for Log4j 1.x, the corresponding flaw information for Log4j 2.x is available a ... |