All 3 CVE vulnerabilities found in Apache Log4j2, with AI-generated Chinese analysis, references, and POCs.
Vendor: Apache Software Foundation
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-44832 | Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration CWE-20 | 6.6 | - | 2021-12-28 |
| CVE-2021-45105 | Apache Log4j2 does not always protect from infinite recursion in lookup evaluation CWE-20 | 5.9 | - | 2021-12-18 |
| CVE-2021-44228 | Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints CWE-502 | 9.9 | - | 2021-12-10 |
All 3 known CVE vulnerabilities affecting Apache Log4j2 with full Chinese analysis, references, and POCs where available.