Download
| Alert*
oval:org.secpod.oval:def:112443
log4j12 is installed oval:org.secpod.oval:def:3300616 SUSE Security Update: Security update for log4j12 oval:org.secpod.oval:def:112457 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:89047423 This update for log4j12 fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. - CVE-2022-23302: Fix remote code execution by removing src/m ... oval:org.secpod.oval:def:112442 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:89047242 This update for log4j12 fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. [bsc#1193662] |