VYPR
High severity8.8NVD Advisory· Published Jan 18, 2022· Updated May 22, 2026

CVE-2022-23307

CVE-2022-23307

Description

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
log4j:log4jMaven
<= 1.2.17
org.zenframework.z8.dependencies.commons:log4j-1.2.17Maven
<= 2.0

Affected products

219

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.