VYPR

rpm package

suse/log4j&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7

Vulnerabilities (1)

  • CVE-2025-68161Dec 18, 2025
    affected < 2.20.0-150200.4.30.1fixed 2.20.0-150200.4.30.1

    The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName co