Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/apache-log4j1.2@0?distro=trixie
Typedeb
Namespacedebian
Nameapache-log4j1.2
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.2.17-9
Latest_non_vulnerable_version1.2.17-11
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-b9ra-7vku-kuhu
vulnerability_id VCID-b9ra-7vku-kuhu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34479.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34479.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34479
reference_id
reference_type
scores
0
value 0.00119
scoring_system epss
scoring_elements 0.30901
published_at 2026-04-11T12:55:00Z
1
value 0.00119
scoring_system epss
scoring_elements 0.30813
published_at 2026-04-13T12:55:00Z
2
value 0.00119
scoring_system epss
scoring_elements 0.30858
published_at 2026-04-12T12:55:00Z
3
value 0.00157
scoring_system epss
scoring_elements 0.36195
published_at 2026-04-24T12:55:00Z
4
value 0.00157
scoring_system epss
scoring_elements 0.36497
published_at 2026-04-16T12:55:00Z
5
value 0.00157
scoring_system epss
scoring_elements 0.3648
published_at 2026-04-18T12:55:00Z
6
value 0.00157
scoring_system epss
scoring_elements 0.36423
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34479
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34479
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34479
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/logging-log4j2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2
5
reference_url https://logging.apache.org/cyclonedx/vdr.xml
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:45:24Z/
url https://logging.apache.org/cyclonedx/vdr.xml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34479
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34479
7
reference_url http://www.openwall.com/lists/oss-security/2026/04/10/8
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/10/8
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133848
reference_id 1133848
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133848
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457313
reference_id 2457313
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457313
10
reference_url https://github.com/apache/logging-log4j2/pull/4078
reference_id 4078
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:45:24Z/
url https://github.com/apache/logging-log4j2/pull/4078
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:log4j_1_2_api:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:log4j_1_2_api:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:log4j_1_2_api:*:*:*:*:*:*:*:*
12
reference_url https://lists.apache.org/thread/gd0hp6mj17rn3kj279vgy4p7kd4zz5on
reference_id gd0hp6mj17rn3kj279vgy4p7kd4zz5on
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:45:24Z/
url https://lists.apache.org/thread/gd0hp6mj17rn3kj279vgy4p7kd4zz5on
13
reference_url https://github.com/advisories/GHSA-h383-gmxw-35v2
reference_id GHSA-h383-gmxw-35v2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h383-gmxw-35v2
14
reference_url https://logging.apache.org/log4j/2.x/migrate-from-log4j1.html
reference_id migrate-from-log4j1.html
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:45:24Z/
url https://logging.apache.org/log4j/2.x/migrate-from-log4j1.html
15
reference_url https://logging.apache.org/security.html#CVE-2026-34479
reference_id security.html#CVE-2026-34479
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:45:24Z/
url https://logging.apache.org/security.html#CVE-2026-34479
fixed_packages
0
url pkg:deb/debian/apache-log4j1.2@0?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-10%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-11%3Fdistro=trixie
aliases CVE-2026-34479, GHSA-h383-gmxw-35v2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ra-7vku-kuhu
1
url VCID-jq79-z19a-jfak
vulnerability_id VCID-jq79-z19a-jfak
summary 
Apache Log4j's JsonTemplateLayout produces invalid JSON output when log events contain non-finite floating-point values
Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values (NaN, Infinity, or -Infinity), which are prohibited by RFC 8259. This may cause downstream log processing systems to reject or fail to index affected records.

An attacker can exploit this issue only if both of the following conditions are met:

  *  The application uses JsonTemplateLayout.
  *  The application logs a MapMessage containing an attacker-controlled floating-point value.


Users are advised to upgrade to Apache Log4j JSON Template Layout 2.25.4, which corrects this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34481.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34481.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34481
reference_id
reference_type
scores
0
value 0.00119
scoring_system epss
scoring_elements 0.30858
published_at 2026-04-12T12:55:00Z
1
value 0.00119
scoring_system epss
scoring_elements 0.30901
published_at 2026-04-11T12:55:00Z
2
value 0.00119
scoring_system epss
scoring_elements 0.30813
published_at 2026-04-13T12:55:00Z
3
value 0.00157
scoring_system epss
scoring_elements 0.36497
published_at 2026-04-16T12:55:00Z
4
value 0.00157
scoring_system epss
scoring_elements 0.36195
published_at 2026-04-24T12:55:00Z
5
value 0.00157
scoring_system epss
scoring_elements 0.36423
published_at 2026-04-21T12:55:00Z
6
value 0.00157
scoring_system epss
scoring_elements 0.3648
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34481
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34481
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34481
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/logging-log4j2
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2
5
reference_url https://github.com/apache/logging-log4j2/pull/4080
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:41:23Z/
url https://github.com/apache/logging-log4j2/pull/4080
6
reference_url https://lists.apache.org/thread/n34zdv00gbkdbzt2rx9rf5mqz6lhopcv
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:41:23Z/
url https://lists.apache.org/thread/n34zdv00gbkdbzt2rx9rf5mqz6lhopcv
7
reference_url https://logging.apache.org/cyclonedx/vdr.xml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:41:23Z/
url https://logging.apache.org/cyclonedx/vdr.xml
8
reference_url https://logging.apache.org/log4j/2.x/manual/json-template-layout.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:41:23Z/
url https://logging.apache.org/log4j/2.x/manual/json-template-layout.html
9
reference_url https://logging.apache.org/security.html#CVE-2026-34481
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:41:23Z/
url https://logging.apache.org/security.html#CVE-2026-34481
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34481
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34481
11
reference_url http://www.openwall.com/lists/oss-security/2026/04/10/10
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/10/10
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133846
reference_id 1133846
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133846
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457321
reference_id 2457321
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457321
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:log4j_layout_template_json:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:log4j_layout_template_json:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:log4j_layout_template_json:*:*:*:*:*:*:*:*
15
reference_url https://github.com/advisories/GHSA-w35j-pv5h-q9q9
reference_id GHSA-w35j-pv5h-q9q9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w35j-pv5h-q9q9
fixed_packages
0
url pkg:deb/debian/apache-log4j1.2@0?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-10%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-11%3Fdistro=trixie
aliases CVE-2026-34481, GHSA-w35j-pv5h-q9q9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jq79-z19a-jfak
2
url VCID-jwav-88m7-6fhz
vulnerability_id VCID-jwav-88m7-6fhz
summary 
Remote code injection in Log4j
Log4j versions prior to 2.16.0 are subject to a remote code execution vulnerability via the ldap JNDI parser.
As per [Apache's Log4j security guide](https://logging.apache.org/log4j/2.x/security.html): Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.16.0, this behavior has been disabled by default.

Log4j version 2.15.0 contained an earlier fix for the vulnerability, but that patch did not disable attacker-controlled JNDI lookups in all situations. For more information, see the `Updated advice for version 2.16.0` section of this advisory.
references
0
reference_url http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
1
reference_url http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html
2
reference_url http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html
3
reference_url http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
4
reference_url http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html
5
reference_url http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html
6
reference_url http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html
7
reference_url http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html
8
reference_url http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html
9
reference_url http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html
10
reference_url http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html
11
reference_url http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html
12
reference_url http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html
13
reference_url http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html
14
reference_url http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html
15
reference_url http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html
16
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44228.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44228.json
17
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44228
reference_id
reference_type
scores
0
value 0.94358
scoring_system epss
scoring_elements 0.99962
published_at 2026-04-24T12:55:00Z
1
value 0.94358
scoring_system epss
scoring_elements 0.99961
published_at 2026-04-13T12:55:00Z
2
value 0.9445
scoring_system epss
scoring_elements 0.99991
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44228
18
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
19
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
20
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
21
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
23
reference_url http://seclists.org/fulldisclosure/2022/Dec/2
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://seclists.org/fulldisclosure/2022/Dec/2
24
reference_url http://seclists.org/fulldisclosure/2022/Jul/11
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://seclists.org/fulldisclosure/2022/Jul/11
25
reference_url http://seclists.org/fulldisclosure/2022/Mar/23
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://seclists.org/fulldisclosure/2022/Mar/23
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/apache/logging-log4j2
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2
28
reference_url https://github.com/apache/logging-log4j2/pull/608
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2/pull/608
29
reference_url https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
reference_id
reference_type
scores
url https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
30
reference_url https://github.com/cisagov/log4j-affected-db
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://github.com/cisagov/log4j-affected-db
31
reference_url https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md
32
reference_url https://github.com/github/advisory-database/pull/5501
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/5501
33
reference_url https://github.com/tangxiaofeng7/apache-log4j-poc
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/tangxiaofeng7/apache-log4j-poc
34
reference_url https://issues.apache.org/jira/browse/LOG4J2-3198
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/LOG4J2-3198
35
reference_url https://issues.apache.org/jira/browse/LOG4J2-3201
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/LOG4J2-3201
36
reference_url https://issues.apache.org/jira/browse/LOG4J2-3214
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/LOG4J2-3214
37
reference_url https://issues.apache.org/jira/browse/LOG4J2-3221
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/LOG4J2-3221
38
reference_url https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB
42
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM
43
reference_url https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0
44
reference_url https://logging.apache.org/log4j/2.x/manual/lookups.html#JndiLookup
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://logging.apache.org/log4j/2.x/manual/lookups.html#JndiLookup
45
reference_url https://logging.apache.org/log4j/2.x/manual/migration.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://logging.apache.org/log4j/2.x/manual/migration.html
46
reference_url https://logging.apache.org/log4j/2.x/security.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://logging.apache.org/log4j/2.x/security.html
47
reference_url https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2
48
reference_url https://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html
49
reference_url https://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html
50
reference_url https://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html
51
reference_url https://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html
52
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
53
reference_url https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
54
reference_url https://seclists.org/fulldisclosure/2022/Dec/2
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2022/Dec/2
55
reference_url https://seclists.org/fulldisclosure/2022/Jul/11
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2022/Jul/11
56
reference_url https://seclists.org/fulldisclosure/2022/Mar/23
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2022/Mar/23
57
reference_url https://security.netapp.com/advisory/ntap-20211210-0007
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211210-0007
58
reference_url https://support.apple.com/kb/HT213189
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://support.apple.com/kb/HT213189
59
reference_url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
60
reference_url https://twitter.com/kurtseifried/status/1469345530182455296
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://twitter.com/kurtseifried/status/1469345530182455296
61
reference_url https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001
62
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228
63
reference_url https://www.debian.org/security/2021/dsa-5020
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://www.debian.org/security/2021/dsa-5020
64
reference_url https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html
65
reference_url https://www.kb.cert.org/vuls/id/930724
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://www.kb.cert.org/vuls/id/930724
66
reference_url https://www.lunasec.io/docs/blog/log4j-zero-day/
reference_id
reference_type
scores
url https://www.lunasec.io/docs/blog/log4j-zero-day/
67
reference_url https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
68
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
69
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://www.oracle.com/security-alerts/cpujan2022.html
70
reference_url http://www.openwall.com/lists/oss-security/2021/12/10/1
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://www.openwall.com/lists/oss-security/2021/12/10/1
71
reference_url http://www.openwall.com/lists/oss-security/2021/12/10/2
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://www.openwall.com/lists/oss-security/2021/12/10/2
72
reference_url http://www.openwall.com/lists/oss-security/2021/12/10/3
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://www.openwall.com/lists/oss-security/2021/12/10/3
73
reference_url http://www.openwall.com/lists/oss-security/2021/12/13/1
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://www.openwall.com/lists/oss-security/2021/12/13/1
74
reference_url http://www.openwall.com/lists/oss-security/2021/12/13/2
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://www.openwall.com/lists/oss-security/2021/12/13/2
75
reference_url http://www.openwall.com/lists/oss-security/2021/12/14/4
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://www.openwall.com/lists/oss-security/2021/12/14/4
76
reference_url http://www.openwall.com/lists/oss-security/2021/12/15/3
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url http://www.openwall.com/lists/oss-security/2021/12/15/3
77
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001478
reference_id 1001478
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001478
78
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2030932
reference_id 2030932
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2030932
79
reference_url https://security.archlinux.org/AVG-2621
reference_id AVG-2621
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2621
80
reference_url https://security.archlinux.org/AVG-2622
reference_id AVG-2622
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2622
81
reference_url https://security.archlinux.org/AVG-2624
reference_id AVG-2624
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2624
82
reference_url https://security.archlinux.org/AVG-2626
reference_id AVG-2626
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2626
83
reference_url https://security.archlinux.org/AVG-2632
reference_id AVG-2632
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2632
84
reference_url https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228
reference_id CVE-2021-44228
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228
85
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/50590.py
reference_id CVE-2021-44228
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/50590.py
86
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/50592.py
reference_id CVE-2021-44228
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/50592.py
87
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/51183.txt
reference_id CVE-2021-44228
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/51183.txt
88
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44228
reference_id CVE-2021-44228
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44228
89
reference_url https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html
reference_id CVE-2021-44228.HTML
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html
90
reference_url https://github.com/advisories/GHSA-7rjr-3q55-vv33
reference_id GHSA-7rjr-3q55-vv33
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-7rjr-3q55-vv33
91
reference_url https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
reference_id GHSA-jfh8-c2jp-5v3q
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
92
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/
reference_id M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/
93
reference_url https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
reference_id microsofts-response-to-cve-2021-44228-apache-log4j2
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
94
reference_url https://security.netapp.com/advisory/ntap-20211210-0007/
reference_id ntap-20211210-0007
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://security.netapp.com/advisory/ntap-20211210-0007/
95
reference_url https://access.redhat.com/errata/RHSA-2021:5093
reference_id RHSA-2021:5093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5093
96
reference_url https://access.redhat.com/errata/RHSA-2021:5094
reference_id RHSA-2021:5094
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5094
97
reference_url https://access.redhat.com/errata/RHSA-2021:5106
reference_id RHSA-2021:5106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5106
98
reference_url https://access.redhat.com/errata/RHSA-2021:5107
reference_id RHSA-2021:5107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5107
99
reference_url https://access.redhat.com/errata/RHSA-2021:5108
reference_id RHSA-2021:5108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5108
100
reference_url https://access.redhat.com/errata/RHSA-2021:5126
reference_id RHSA-2021:5126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5126
101
reference_url https://access.redhat.com/errata/RHSA-2021:5127
reference_id RHSA-2021:5127
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5127
102
reference_url https://access.redhat.com/errata/RHSA-2021:5128
reference_id RHSA-2021:5128
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5128
103
reference_url https://access.redhat.com/errata/RHSA-2021:5129
reference_id RHSA-2021:5129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5129
104
reference_url https://access.redhat.com/errata/RHSA-2021:5130
reference_id RHSA-2021:5130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5130
105
reference_url https://access.redhat.com/errata/RHSA-2021:5132
reference_id RHSA-2021:5132
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5132
106
reference_url https://access.redhat.com/errata/RHSA-2021:5133
reference_id RHSA-2021:5133
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5133
107
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
108
reference_url https://access.redhat.com/errata/RHSA-2021:5137
reference_id RHSA-2021:5137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5137
109
reference_url https://access.redhat.com/errata/RHSA-2021:5138
reference_id RHSA-2021:5138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5138
110
reference_url https://access.redhat.com/errata/RHSA-2021:5140
reference_id RHSA-2021:5140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5140
111
reference_url https://access.redhat.com/errata/RHSA-2021:5141
reference_id RHSA-2021:5141
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5141
112
reference_url https://access.redhat.com/errata/RHSA-2021:5148
reference_id RHSA-2021:5148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5148
113
reference_url https://access.redhat.com/errata/RHSA-2022:0082
reference_id RHSA-2022:0082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0082
114
reference_url https://access.redhat.com/errata/RHSA-2022:0203
reference_id RHSA-2022:0203
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0203
115
reference_url https://access.redhat.com/errata/RHSA-2022:0296
reference_id RHSA-2022:0296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0296
116
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
117
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
118
reference_url https://usn.ubuntu.com/5192-1/
reference_id USN-5192-1
reference_type
scores
url https://usn.ubuntu.com/5192-1/
119
reference_url https://usn.ubuntu.com/5192-2/
reference_id USN-5192-2
reference_type
scores
url https://usn.ubuntu.com/5192-2/
120
reference_url https://usn.ubuntu.com/5197-1/
reference_id USN-5197-1
reference_type
scores
url https://usn.ubuntu.com/5197-1/
121
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/
reference_id VU57UJDCFIASIO35GC55JMKSRXJMCDFM
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:25:34Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/
fixed_packages
0
url pkg:deb/debian/apache-log4j1.2@0?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-10%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-11%3Fdistro=trixie
aliases CVE-2021-44228, GHSA-jfh8-c2jp-5v3q
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwav-88m7-6fhz
3
url VCID-khr7-6pza-afab
vulnerability_id VCID-khr7-6pza-afab
summary 
Apache Log4j 1.x (EOL) allows Denial of Service (DoS)
** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (ie deeply nested) hashmap or hashtable (depending on which logging component is in use) to be processed could exhaust the available memory in the virtual machine and achieve Denial of Service when the object is deserialized. This issue affects Apache Log4j before 2. Affected users are recommended to update to Log4j 2.x. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26464.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26464.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26464
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.34808
published_at 2026-04-24T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.3509
published_at 2026-04-12T12:55:00Z
2
value 0.00147
scoring_system epss
scoring_elements 0.35066
published_at 2026-04-13T12:55:00Z
3
value 0.00147
scoring_system epss
scoring_elements 0.35171
published_at 2026-04-04T12:55:00Z
4
value 0.00147
scoring_system epss
scoring_elements 0.35049
published_at 2026-04-07T12:55:00Z
5
value 0.00147
scoring_system epss
scoring_elements 0.35094
published_at 2026-04-08T12:55:00Z
6
value 0.00147
scoring_system epss
scoring_elements 0.3512
published_at 2026-04-09T12:55:00Z
7
value 0.00147
scoring_system epss
scoring_elements 0.35125
published_at 2026-04-11T12:55:00Z
8
value 0.00147
scoring_system epss
scoring_elements 0.35041
published_at 2026-04-21T12:55:00Z
9
value 0.00147
scoring_system epss
scoring_elements 0.35088
published_at 2026-04-18T12:55:00Z
10
value 0.00147
scoring_system epss
scoring_elements 0.35142
published_at 2026-04-02T12:55:00Z
11
value 0.00147
scoring_system epss
scoring_elements 0.35102
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26464
2
reference_url https://github.com/apache/logging-log4j2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2
3
reference_url https://lists.apache.org/thread/wkx6grrcjkh86crr49p4blc1v1nflj3t
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-23T16:39:52Z/
url https://lists.apache.org/thread/wkx6grrcjkh86crr49p4blc1v1nflj3t
4
reference_url https://security.netapp.com/advisory/ntap-20230505-0008
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230505-0008
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2182864
reference_id 2182864
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2182864
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-26464
reference_id CVE-2023-26464
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-26464
7
reference_url https://github.com/advisories/GHSA-vp98-w2p3-mv35
reference_id GHSA-vp98-w2p3-mv35
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vp98-w2p3-mv35
8
reference_url https://security.netapp.com/advisory/ntap-20230505-0008/
reference_id ntap-20230505-0008
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-23T16:39:52Z/
url https://security.netapp.com/advisory/ntap-20230505-0008/
9
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
fixed_packages
0
url pkg:deb/debian/apache-log4j1.2@0?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-10%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-11%3Fdistro=trixie
aliases CVE-2023-26464, GHSA-vp98-w2p3-mv35
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khr7-6pza-afab
4
url VCID-s9nz-6x8z-ykgz
vulnerability_id VCID-s9nz-6x8z-ykgz
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34478.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34478.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34478
reference_id
reference_type
scores
0
value 0.00145
scoring_system epss
scoring_elements 0.34928
published_at 2026-04-11T12:55:00Z
1
value 0.00145
scoring_system epss
scoring_elements 0.34869
published_at 2026-04-13T12:55:00Z
2
value 0.00145
scoring_system epss
scoring_elements 0.34892
published_at 2026-04-12T12:55:00Z
3
value 0.00191
scoring_system epss
scoring_elements 0.40854
published_at 2026-04-24T12:55:00Z
4
value 0.00191
scoring_system epss
scoring_elements 0.41053
published_at 2026-04-16T12:55:00Z
5
value 0.00191
scoring_system epss
scoring_elements 0.41024
published_at 2026-04-18T12:55:00Z
6
value 0.00191
scoring_system epss
scoring_elements 0.40947
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34478
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/logging-log4j2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2
4
reference_url https://logging.apache.org/cyclonedx/vdr.xml
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:48:27Z/
url https://logging.apache.org/cyclonedx/vdr.xml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34478
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34478
6
reference_url http://www.openwall.com/lists/oss-security/2026/04/10/7
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/10/7
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457323
reference_id 2457323
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457323
8
reference_url https://lists.apache.org/thread/3k1clr2l6vkdnl4cbhjrnt1nyjvb5gwt
reference_id 3k1clr2l6vkdnl4cbhjrnt1nyjvb5gwt
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:48:27Z/
url https://lists.apache.org/thread/3k1clr2l6vkdnl4cbhjrnt1nyjvb5gwt
9
reference_url https://github.com/apache/logging-log4j2/pull/4074
reference_id 4074
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:48:27Z/
url https://github.com/apache/logging-log4j2/pull/4074
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*
11
reference_url https://github.com/advisories/GHSA-445c-vh5m-36rj
reference_id GHSA-445c-vh5m-36rj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-445c-vh5m-36rj
12
reference_url https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout
reference_id layouts.html#RFC5424Layout
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:48:27Z/
url https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout
13
reference_url https://logging.apache.org/security.html#CVE-2026-34478
reference_id security.html#CVE-2026-34478
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:48:27Z/
url https://logging.apache.org/security.html#CVE-2026-34478
fixed_packages
0
url pkg:deb/debian/apache-log4j1.2@0?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-10%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-10%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
purl pkg:deb/debian/apache-log4j1.2@1.2.17-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@1.2.17-11%3Fdistro=trixie
aliases CVE-2026-34478, GHSA-445c-vh5m-36rj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s9nz-6x8z-ykgz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j1.2@0%3Fdistro=trixie