VYPR

Maven package

org.apache.logging.log4j/log4j-layout-template-json

pkg:maven/org.apache.logging.log4j/log4j-layout-template-json

Vulnerabilities (1)

  • CVE-2026-34481HigApr 10, 2026
    affected >= 2.14.0, < 2.25.4fixed 2.25.4

    Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values (NaN, Infinity, or -Infinity), which are prohib