Lucene search
Veracode Vulnerability DatabaseVERACODE:39644HistoryMar 10, 2023 - 11:28 p.m.
Denial Of Service (DoS)
2023-03-1023:28:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
log4j
vulnerability
crafted logging entry
denial of service
memory exhaustion
deserialized
jre 1.7
software
0.002 Low
EPSS
Percentile
58.8%
log4j:log4j is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to the Chainsaw or SocketAppender components processing a logging entry with either a deeply nested hashmap or hashtable, which can lead to memory exhaustion when the object is deserialized. An attacker can submit a crafted logging entry and cause Denial of Service if the JRE is below 1.7.
Related
openvas
openvas
Apache Log4j 1.x DoS Vulnerability (Mar 2023)
2023-03-13 00:00:00
nvd
nvd
CVE-2023-26464
2023-03-10 14:15:10
ibm
ibm
redhatcve
redhatcve
CVE-2023-26464
2023-03-30 07:13:01
github
github
Apache Log4j 1.x (EOL) allows Denial of Service (DoS)
2023-03-10 15:30:43
ubuntucve
ubuntucve
CVE-2023-26464
2023-03-10 00:00:00
osv
osv
CVE-2023-26464
2023-03-10 14:15:10
Apache Log4j 1.x (EOL) allows Denial of Service (DoS)
2023-03-10 15:30:43
debiancve
debiancve
CVE-2023-26464
2023-03-10 14:15:10
cve
cve
CVE-2023-26464
2023-03-10 14:15:10
prion
prion
Code injection
2023-03-10 14:15:00
cvelist
cvelist
f5
f5
K000133409 : Log4j vulnerability CVE-2023-26464
2023-04-05 00:00:00
nessus
nessus
RHEL 6 : log4j (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 7 : log4j (Unpatched Vulnerability)
2024-06-03 00:00:00
Apache Log4j 1.x Multiple Vulnerabilities
2022-01-19 00:00:00
