pkg:Debian/apache-log4j2

All known vulnerabilities

• CRITICAL10.0CVE-2021-44228⚠ KEVapache-log4j2 - security update
  from 0, < 2.7-2+deb9u1
• CRITICAL10.0CVE-2021-44228⚠ KEVapache-log4j2 - security update
  from 0, < 2.15.0-1~deb10u1
• CRITICAL10.0⚠ KEVapache-log4j2 - security update
  from 0, < 2.15.0-1~deb11u1
• CRITICAL9.0⚠ KEVapache-log4j2 - security update
  from 0, < 2.16.0-1~deb10u1
• CRITICAL9.0⚠ KEVapache-log4j2 - security update
  from 0, < 2.16.0-1~deb11u1
• CRITICAL9.8Deserialization of Untrusted Data in Log4j
  from 0, < 2.7-2
• HIGH8.6apache-log4j2 - security update
  from 0, < 2.17.0-1~deb10u1
• HIGH8.6apache-log4j2 - security update
  from 0, < 2.17.0-1~deb11u1
• HIGH7.5Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout
  from 0
• HIGH7.5Apache Log4j 1 to Log4j 2 bridge: silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters
  from 0
• HIGH7.5Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters
  from 0
• MEDIUM6.6apache-log4j2 - security update
  from 0, < 2.12.4-0+deb9u1
• MEDIUM6.6apache-log4j2 - security update
  from 0, < 2.17.1-1~deb11u1
• MEDIUM4.8apache-log4j2 - security update
  from 0, < 2.17.1-1~deb11u2
• MEDIUM4.8apache-log4j2 - security update
  from 0, < 2.17.1-1~deb11u2
• LOW3.7apache-log4j2 - security update
  from 0, < 2.12.3-0+deb9u1
• LOW3.7apache-log4j2 - security update
  from 0, < 2.13.3-1