Fluid Attacks Database

Exclude malware

Package apache-log4j2

FLAT-CO1AU (DLA-4444-1)

Sensitive information stored in logs In apache-log4j2

1.0

Low

Ecosystem: Debian

Package: apache-log4j2

FLAT-52J4O (DLA-2870-1)

Lack of data validation - Path Traversal In apache-log4j2

1.3

Low

Ecosystem: Debian

Package: apache-log4j2

FLAT-8HM18 (DLA-2852-1)

Lack of data validation - Path Traversal In apache-log4j2

2.7

Low

Ecosystem: Debian

Package: apache-log4j2

FLAT-2IIT4 (DSA-5024-1)

Lack of data validation - Path Traversal In apache-log4j2

1.3

Low

Ecosystem: Debian

Package: apache-log4j2

FLAT-3IFFP (DSA-5022-1)

Lack of data validation - Path Traversal In apache-log4j2

0.6

Low

Ecosystem: Debian

Package: apache-log4j2

FLAT-L0U75 (CVE-2021-45046)

Insecure deserialization In apache-log4j2

8.4

High

Ecosystem: Debian

Package: apache-log4j2

FLAT-T2NGM (DLA-2842-1)

Lack of data validation - Path Traversal In apache-log4j2

2.7

Low

Ecosystem: Debian

Package: apache-log4j2

FLAT-9P2TY (DSA-5020-1)

Lack of data validation - Path Traversal In apache-log4j2

1.3

Low

Ecosystem: Debian

Package: apache-log4j2

FLAT-QC9P8 (CVE-2021-44228)

Remote command execution In apache-log4j2

9.1

Critical

Ecosystem: Debian

Package: apache-log4j2