Apache Log4j 1.x 产品相关 4 条漏洞,AI 中文标题与摘要、CVSS、POC 一站汇总。
ベンダー: Apache Software Foundation
| CVE ID | タイトル | CVSS | 深刻度 | 公開日 |
|---|---|---|---|---|
| CVE-2022-23307 | A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution. CWE-502 | 9.8 | - | 2022-01-18 |
| CVE-2022-23305 | SQL injection in JDBC Appender in Apache Log4j V1 CWE-89 | 9.8 | - | 2022-01-18 |
| CVE-2022-23302 | Deserialization of untrusted data in JMSSink in Apache Log4j 1.x CWE-502 | 8.8 | - | 2022-01-18 |
| CVE-2021-4104 | Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 CWE-502 | 7.5 | - | 2021-12-14 |
Apache Log4j 1.x 产品累计公开 4 条 CVE 漏洞,本页提供按时间倒序的完整列表,包含 CVSS、CWE、AI 中文摘要与可获取的 POC 链接。