0.008 Low
EPSS
Percentile
82.3%
Apache Chainsaw in log4j is vulnerable to remote code execution. The vulnerability exists due to a deserialization of untrusted object vulnerability allowing an attacker to execute maliciously scripted code via the system.
lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh
access.redhat.com/security/cve/cve-2022-23307
logging.apache.org/log4j/1.2/index.html
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujul2022.html