RHSA-2022:0439-01 -- Redhat rh-maven36-log4j12ID: oval:org.secpod.oval:def:506792 | Date: (C)2022-10-20 (M)2023-12-26 |
Class: PATCH | Family: unix |
Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: * log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender * log4j: Unsafe deserialization flaw in Chainsaw log viewer * log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |
Product: |
rh-maven36-log4j12 |