Search CVE reports
11 – 12 of 12 results
Some fixes available 1 of 4
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that...
1 affected package
apache-log4j2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apache-log4j2 | Not affected | Not affected | Fixed | Needs evaluation |
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute...
1 affected package
apache-log4j2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apache-log4j2 | Not affected | Not affected | Not affected | Not affected |