Homepage

log4j vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the log4j package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Validation of Syntactic Correctness of Input

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Integer Overflow or Wraparound

*
  • M
Improper Validation of Specified Index, Position, or Offset in Input

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Resource Exhaustion

*
  • M
Uncontrolled Recursion

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • M
Improper Input Validation

*
  • L
Out-of-bounds Write

*
  • M
Deserialization of Untrusted Data

*
  • M
SQL Injection

*
  • M
Deserialization of Untrusted Data

*
  • M
Improper Input Validation

*
  • L
Improper Certificate Validation

*