Critical severityNVD Advisory· Published Jan 18, 2022· Updated Aug 3, 2024
A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.
CVE-2022-23307
Description
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2022-23307 is a deserialization vulnerability in Apache Chainsaw, formerly part of Log4j 1.2.x, allowing remote code execution.
Vulnerability
CVE-2022-23307 is a deserialization issue present in Apache Chainsaw. Prior to Chainsaw V2.0, Chainsaw was a component of Apache Log4j 1.2.x, where the same vulnerability also exists [1]. Affected versions include all versions of Log4j 1.2.x that include Chainsaw [1]. The vulnerability arises from insecure deserialization of log events, which can be exploited via the application's deserialization functionality [1].
Exploitation
An attacker can exploit this vulnerability by sending a crafted serialized Java object to the Chainsaw component or Log4j 1.2.x code path that processes such objects [1]. The attacker may need network access to the system running the vulnerable software, and no authentication is required if the deserialization endpoint is exposed [1]. By supplying a malicious serialized object, the attacker triggers deserialization without proper validation, leading to execution of arbitrary code [1].
Impact
Successful exploitation allows an attacker to achieve remote code execution (RCE) on the target system [1]. The attacker gains the ability to execute arbitrary commands with the privileges of the vulnerable application, potentially leading to full system compromise [1]. The confidentiality, integrity, and availability of the affected system can be fully compromised [1].
Mitigation
Apache Log4j 1.x reached End of Life on August 5, 2015, and no patches are available for this vulnerability [1]. Users are strongly recommended to upgrade to Apache Log4j 2 (2.x), which is actively maintained [1]. For Chainsaw, users should migrate to Chainsaw V2.0 or later [1]. No workaround or mitigation is provided by the vendor for Log4j 1.x [1].
References
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
log4j:log4jMaven | <= 1.2.17 | — |
org.zenframework.z8.dependencies.commons:log4j-1.2.17Maven | <= 2.0 | — |
Affected products
180- osv-coords179 versionspkg:apk/chainguard/druid-compatpkg:apk/wolfi/druid-compatpkg:maven/log4j/log4jpkg:maven/org.zenframework.z8.dependencies.commons/log4j-1.2.17pkg:rpm/almalinux/parfaitpkg:rpm/almalinux/parfait-examplespkg:rpm/almalinux/parfait-javadocpkg:rpm/almalinux/pcp-parfait-agentpkg:rpm/almalinux/si-unitspkg:rpm/almalinux/si-units-javadocpkg:rpm/almalinux/unit-apipkg:rpm/almalinux/unit-api-javadocpkg:rpm/almalinux/uom-libpkg:rpm/almalinux/uom-lib-javadocpkg:rpm/almalinux/uom-parentpkg:rpm/almalinux/uom-sepkg:rpm/almalinux/uom-se-javadocpkg:rpm/almalinux/uom-systemspkg:rpm/almalinux/uom-systems-javadocpkg:rpm/opensuse/kafka&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kafka-kit&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kafka-kit&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/log4j12&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/log4j&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/elasticsearch&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/elasticsearch&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/elasticsearch&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/elasticsearch&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/elasticsearch&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/kafka&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/kafka&distro=SUSE%20Package%20Hub%2015%20SP3pkg:rpm/suse/kafka-kit&distro=SUSE%20Package%20Hub%2015%20SP3pkg:rpm/suse/log4j12&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP2pkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/log4j12&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/log4j12&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/log4j12&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/log4j&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/log4j&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/log4j&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/log4j&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/log4j&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/log4j&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/logstash&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-agent&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-agent&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-agent&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-agent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-agent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-log-metrics&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-log-metrics&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-log-metrics&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-log-persister&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-log-persister&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-log-persister&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-log-transformer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-log-transformer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-log-transformer&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-persister-java&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-thresh&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-thresh&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-thresh&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-thresh&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-thresh&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/spark&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/storm&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/venv-openstack-aodh&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-aodh&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-barbican&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-cinder&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-designate&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-freezer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-freezer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-glance&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-horizon-hpe&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-keystone&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-magnum&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-manila&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-murano&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-murano&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-sahara&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-swift&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-trove&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-trove&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/zookeeper&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 34.0.0-r6+ 178 more
- (no CPE)range: < 34.0.0-r6
- (no CPE)range: < 34.0.0-r6
- (no CPE)range: <= 1.2.17
- (no CPE)range: <= 2.0
- (no CPE)range: < 0.5.4-4.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.5.4-4.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 0.5.4-4.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.5.4-4.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 0.6.5-2.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.6.5-2.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0-5.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0-5.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0.1-6.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0.1-6.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0.3-3.module_el8.5.0+235+62ea7738
- (no CPE)range: < 1.0.4-3.module_el8.5.0+235+62ea7738
- (no CPE)range: < 1.0.4-3.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.7-1.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.7-1.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 2.1.0-bp153.2.6.1
- (no CPE)range: < 2.1.0-bp153.2.6.1
- (no CPE)range: < 2.1.0-3.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 2.4.2-5.6.1
- (no CPE)range: < 2.4.2-5.6.1
- (no CPE)range: < 2.4.2-6.6.1
- (no CPE)range: < 2.4.2-5.6.1
- (no CPE)range: < 2.4.2-6.6.1
- (no CPE)range: < 0.10.2.2-5.12.1
- (no CPE)range: < 0.10.2.2-5.12.1
- (no CPE)range: < 0.10.2.2-3.5.1
- (no CPE)range: < 0.10.2.2-5.12.1
- (no CPE)range: < 0.10.2.2-3.5.1
- (no CPE)range: < 2.1.0-bp153.2.6.1
- (no CPE)range: < 2.1.0-bp153.2.6.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.15-26.32.20.1
- (no CPE)range: < 1.2.15-26.32.20.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 2.4.1-5.10.1
- (no CPE)range: < 2.4.1-5.10.1
- (no CPE)range: < 2.4.1-7.6.1
- (no CPE)range: < 2.4.1-5.10.1
- (no CPE)range: < 2.4.1-7.6.1
- (no CPE)range: < 2.2.6~dev4-3.27.1
- (no CPE)range: < 2.2.6~dev4-3.27.1
- (no CPE)range: < 2.8.2~dev5-3.18.1
- (no CPE)range: < 2.2.6~dev4-3.27.1
- (no CPE)range: < 2.8.2~dev5-3.18.1
- (no CPE)range: < 0.0.1-3.3.1
- (no CPE)range: < 0.0.1-3.3.1
- (no CPE)range: < 0.0.1-3.3.1
- (no CPE)range: < 0.0.1-5.3.1
- (no CPE)range: < 0.0.1-5.3.1
- (no CPE)range: < 0.0.1-5.3.1
- (no CPE)range: < 0.0.1-4.3.1
- (no CPE)range: < 0.0.1-4.3.1
- (no CPE)range: < 0.0.1-4.3.1
- (no CPE)range: < 1.7.1~a0~dev2-3.9.1
- (no CPE)range: < 1.7.1~a0~dev2-3.9.1
- (no CPE)range: < 1.12.1~dev9-15.1
- (no CPE)range: < 1.7.1~a0~dev2-3.9.1
- (no CPE)range: < 1.12.1~dev9-15.1
- (no CPE)range: < 2.1.1-4.6.1
- (no CPE)range: < 2.1.1-4.6.1
- (no CPE)range: < 2.1.1-5.6.1
- (no CPE)range: < 2.1.1-4.6.1
- (no CPE)range: < 2.1.1-5.6.1
- (no CPE)range: < 1.6.3-8.12.1
- (no CPE)range: < 1.6.3-8.12.1
- (no CPE)range: < 2.2.3-5.9.2
- (no CPE)range: < 1.6.3-8.12.1
- (no CPE)range: < 2.2.3-5.9.2
- (no CPE)range: < 1.2.3-3.11.2
- (no CPE)range: < 1.2.3-3.11.2
- (no CPE)range: < 1.2.3-3.8.1
- (no CPE)range: < 1.2.3-3.11.2
- (no CPE)range: < 1.2.3-3.8.1
- (no CPE)range: < 5.1.1~dev7-12.40.1
- (no CPE)range: < 5.1.1~dev7-12.40.1
- (no CPE)range: < 5.0.2~dev3-12.41.1
- (no CPE)range: < 5.0.2~dev3-12.41.1
- (no CPE)range: < 7.0.1~dev24-3.33.1
- (no CPE)range: < 9.0.8~dev7-12.38.1
- (no CPE)range: < 9.0.8~dev7-12.38.1
- (no CPE)range: < 11.2.3~dev29-14.42.1
- (no CPE)range: < 11.2.3~dev29-14.42.1
- (no CPE)range: < 13.0.10~dev23-3.36.1
- (no CPE)range: < 5.0.3~dev7-12.39.1
- (no CPE)range: < 5.0.3~dev7-12.39.1
- (no CPE)range: < 7.0.2~dev2-3.33.1
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.36.1
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.36.1
- (no CPE)range: < 15.0.3~dev3-12.39.1
- (no CPE)range: < 15.0.3~dev3-12.39.1
- (no CPE)range: < 17.0.1~dev30-3.31.1
- (no CPE)range: < 9.0.8~dev22-12.43.1
- (no CPE)range: < 9.0.8~dev22-12.43.1
- (no CPE)range: < 11.0.4~dev4-3.33.1
- (no CPE)range: < 12.0.5~dev6-14.46.1
- (no CPE)range: < 14.1.1~dev11-4.37.1
- (no CPE)range: < 12.0.5~dev6-14.46.1
- (no CPE)range: < 9.1.8~dev8-12.41.1
- (no CPE)range: < 9.1.8~dev8-12.41.1
- (no CPE)range: < 11.1.5~dev17-4.31.1
- (no CPE)range: < 12.0.4~dev11-11.43.1
- (no CPE)range: < 12.0.4~dev11-11.43.1
- (no CPE)range: < 14.2.1~dev7-3.34.1
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.40.1
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.40.1
- (no CPE)range: < 7.2.1~dev1-4.33.1
- (no CPE)range: < 5.1.1~dev5-12.45.1
- (no CPE)range: < 5.1.1~dev5-12.45.1
- (no CPE)range: < 7.4.2~dev60-3.39.1
- (no CPE)range: < 1.5.1_1.5.1_1.5.1~dev3-8.36.1
- (no CPE)range: < 1.5.1_1.5.1_1.5.1~dev3-8.36.1
- (no CPE)range: < 1.8.2~dev3-3.33.1
- (no CPE)range: < 2.2.2~dev1-11.43.1
- (no CPE)range: < 2.2.2~dev1-11.43.1
- (no CPE)range: < 2.7.1~dev10-3.35.2
- (no CPE)range: < 4.0.2~dev2-12.36.1
- (no CPE)range: < 4.0.2~dev2-12.36.1
- (no CPE)range: < 11.0.9~dev69-13.46.1
- (no CPE)range: < 11.0.9~dev69-13.46.1
- (no CPE)range: < 13.0.8~dev164-6.37.1
- (no CPE)range: < 16.1.9~dev92-11.44.1
- (no CPE)range: < 16.1.9~dev92-11.44.1
- (no CPE)range: < 18.3.1~dev91-3.37.1
- (no CPE)range: < 1.0.6~dev3-12.41.1
- (no CPE)range: < 1.0.6~dev3-12.41.1
- (no CPE)range: < 3.2.3~dev7-4.33.1
- (no CPE)range: < 7.0.5~dev4-11.40.1
- (no CPE)range: < 7.0.5~dev4-11.40.1
- (no CPE)range: < 9.0.2~dev15-3.33.1
- (no CPE)range: < 2.15.2_2.15.2_2.15.2~dev32-11.31.1
- (no CPE)range: < 2.15.2_2.15.2_2.15.2~dev32-11.31.1
- (no CPE)range: < 2.19.2~dev48-2.28.1
- (no CPE)range: < 8.0.2~dev2-11.40.1
- (no CPE)range: < 8.0.2~dev2-11.40.1
- (no CPE)range: < 3.4.10-3.15.1
- (no CPE)range: < 3.4.10-3.15.1
- (no CPE)range: < 3.4.13-3.12.1
- (no CPE)range: < 3.4.10-3.15.1
- (no CPE)range: < 3.4.13-3.12.1
- Apache Software Foundation/Apache Log4j 1.xv5Range: 1.2.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/advisories/GHSA-f7vh-qwp3-x37mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-23307ghsaADVISORY
- lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhhghsax_refsource_MISCWEB
- logging.apache.org/log4j/1.2/index.htmlghsax_refsource_MISCWEB
- www.oracle.com/security-alerts/cpuapr2022.htmlghsax_refsource_MISCWEB
- www.oracle.com/security-alerts/cpujul2022.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.