log4j-eap6 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the log4j-eap6 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Improper Input Validation

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Cross-site Scripting (XSS)

<0:1.2.16-11.redhat_2.ep6.el7.4
  • H
Deserialization of Untrusted Data

<0:1.2.17-3.redhat_00008.1.ep6.el7
  • L
Deserialization of Untrusted Data

<0:1.2.17-3.redhat_00008.1.ep6.el7
  • L
SQL Injection

<0:1.2.17-3.redhat_00008.1.ep6.el7
  • H
SQL Injection

<0:1.2.17-3.redhat_00008.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:1.2.17-3.redhat_00008.1.ep6.el7
  • L
Deserialization of Untrusted Data

<0:1.2.17-3.redhat_00008.1.ep6.el7
  • L
Improper Input Validation

<0:1.2.17-3.redhat_00008.1.ep6.el7
  • H
Improper Input Validation

<0:1.2.17-3.redhat_00008.1.ep6.el7
  • H
Information Exposure

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Insufficient Verification of Data Authenticity

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Incorrect Privilege Assignment

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Incorrect Privilege Assignment

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Exposure of Resource to Wrong Sphere

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Resource Exhaustion

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Resource Exhaustion

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:1.2.16-12.redhat_3.1.ep6.el7
  • H
Covert Timing Channel

<0:1.2.16-12.redhat_3.1.ep6.el7
  • L
Improper Certificate Validation

*