[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2022:0226-1 -- SLES log4j12

ID: oval:org.secpod.oval:def:89045981Date: (C)2022-02-17   (M)2023-12-26
Class: PATCHFamily: unix




This update for log4j12 fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. - CVE-2022-23302: Fix remote code execution by removing src/main/java/org/apache/log4j/net/JMSSink.java

Platform:
SUSE Linux Enterprise Server 15 SP2
Product:
log4j12
Reference:
SUSE-SU-2022:0226-1
CVE-2022-23302
CVE-2022-23305
CVE-2022-23307
CVE    3
CVE-2022-23307
CVE-2022-23305
CVE-2022-23302

© SecPod Technologies