rpm package
opensuse/disruptor&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/disruptor&distro=openSUSE%20Leap%2015.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-45046 | — | KEV | < 3.4.4-lp152.2.3.1 | 3.4.4-lp152.2.3.1 | Dec 14, 2021 | It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with | |
| CVE-2021-44228 | — | KEV | < 3.4.4-lp152.2.3.1 | 3.4.4-lp152.2.3.1 | Dec 10, 2021 | Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messa |
- affected < 3.4.4-lp152.2.3.1fixed 3.4.4-lp152.2.3.1
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with
- affected < 3.4.4-lp152.2.3.1fixed 3.4.4-lp152.2.3.1
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messa