VulnerableCode Package Details - pkg:ebuild/dev-embedded/arduino@1.8.19

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:ebuild/dev-embedded/arduino@1.8.19

Essentials
History (1)

purl	pkg:ebuild/dev-embedded/arduino@1.8.19

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-698m-2hju-2qcv	Deserialization of Untrusted Data JMSAppender in Log4j is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide `TopicBindingName` and `TopicConnectionFactoryBindingName` configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j when specifically configured to use JMSAppender, which is not the default. Apache Log4j reached end of life in August Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.	CVE-2021-4104 GHSA-fp5r-v3w9-4333

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:14:43.094720+00:00	Gentoo Importer	Fixing	VCID-698m-2hju-2qcv	https://security.gentoo.org/glsa/202312-04	38.0.0