ID

VAR-201912-0889


CVE

CVE-2019-17571


TITLE

Log4j Vulnerable to unreliable data deserialization

Trust: 0.8

sources: JVNDB: JVNDB-2019-013606

DESCRIPTION

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. Log4j Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. (CVE-2019-17571) A flaw was found in the Java logging library Apache Log4j in version 1.x. This allows a remote malicious user to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker's JNDI LDAP endpoint. (CVE-2021-4104). Description: Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This Service Pack release of Red Hat JBoss Data Virtualization 6.4.8.SP1 (Service Pack 1) serves as a replacement for Red Hat JBoss Data Virtualization 6.4.8, and mitigates the impact of the log4j CVE's referenced in this document by removing the affected classes from the patch. Solution: Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. The References section of this erratum contains a download link (you must log in to download the update). Bugs fixed (https://bugzilla.redhat.com/): 1785616 - CVE-2019-17571 log4j: deserialization of untrusted data in SocketServer 1831139 - CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender 2031667 - CVE-2021-4104 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender 2041949 - CVE-2022-23302 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink 2041959 - CVE-2022-23305 log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender 2041967 - CVE-2022-23307 log4j: Unsafe deserialization flaw in Chainsaw log viewer 5. For the oldstable distribution (stretch), this problem has been fixed in version 1.2.17-7+deb9u1. For the stable distribution (buster), this problem has been fixed in version 1.2.17-8+deb10u1. We recommend that you upgrade your apache-log4j1.2 packages. For the detailed security status of apache-log4j1.2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache-log4j1.2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl6/FH1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RAJQ/9HLo721J7x4kWxFiWIP0Ui1xl8ZM6MBhA8qYfUD4DxKoHHfvYEq6Q7TTD +FlTX5rRrjvgHF+MgxG1XDHtwv7XWhczEiHzZKHLCX3CsG+AL+CMmGoVqBtKEncC FGYbVCSKYzxM8LaX2G1EyCzT2zfGZvPT5nFT7zAV0Ge6vpvWklF0s168h4pbG9hE cF6aPqAlWMy5pLVRI+3XE1og4MECjqXB9a7HSWlHfur6NSnQlrHhWOCDJBw5zpPu AKEfW5GvBaCdxdat1xTFqCu6h5387dtNsBlRrefp9q+fcrGj2Z351Lv7ccG5Co8T e/7iNyABu2fmi8x4WFQwS3PY4AsM/2sa+KHfXnttSXcQniXAccg6S1eCaWVqdNfZ 3LPmeBC5gX3UqDNZTVv+kvHvv7EsD1/6bMeVZlKQZkYAeysbLWdjkA+88f6kaVwD qv6mWCGo5k7ZoWCUKD1Zjz8VwBT4EI/2II5D93QgblVkHDX9CESfipIjJBJp7aJ7 wS2kvdXOko3JDaJbScpGmCnjCb5NhJ1KiBZSzXYHv3uhoqlI5QvYvC1bFHqC2GnT cF4syuMELN6nZ/Yoz8sJiT4Ilppz98vLerHbJoJZIPEOh15k8UKaFkdt5CpI8MGK 4+sL2iWyTtCjGYGuhDkk0KyLcqijybv282VIkXDtAetpi8MTdsE= =eH9L -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: log4j security update Advisory ID: RHSA-2022:5053-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5053 Issue date: 2022-06-15 CVE Names: CVE-2019-17571 ===================================================================== 1. Summary: An update for log4j is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 6 ELS) - i386, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64 3. Description: Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix(es): * log4j: deserialization of untrusted data in SocketServer (CVE-2019-17571) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Server (v. 6 ELS): Source: log4j-1.2.14-6.7.el6_10.src.rpm i386: log4j-1.2.14-6.7.el6_10.i686.rpm log4j-debuginfo-1.2.14-6.7.el6_10.i686.rpm s390x: log4j-1.2.14-6.7.el6_10.s390x.rpm log4j-debuginfo-1.2.14-6.7.el6_10.s390x.rpm x86_64: log4j-1.2.14-6.7.el6_10.x86_64.rpm log4j-debuginfo-1.2.14-6.7.el6_10.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6 ELS): i386: log4j-debuginfo-1.2.14-6.7.el6_10.i686.rpm log4j-javadoc-1.2.14-6.7.el6_10.i686.rpm log4j-manual-1.2.14-6.7.el6_10.i686.rpm s390x: log4j-debuginfo-1.2.14-6.7.el6_10.s390x.rpm log4j-javadoc-1.2.14-6.7.el6_10.s390x.rpm log4j-manual-1.2.14-6.7.el6_10.s390x.rpm x86_64: log4j-debuginfo-1.2.14-6.7.el6_10.x86_64.rpm log4j-javadoc-1.2.14-6.7.el6_10.x86_64.rpm log4j-manual-1.2.14-6.7.el6_10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-17571 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYqnJeNzjgjWX9erEAQgGiQ/8DiTAwAZPNPQlrV5ItJ3I3AxT4ruBA995 bPYquIN3zX0afhrGRMWTs/aD/4vYkbUtLA5QzqYlE1dsbleGHcAbxmSfY+wE8tE7 Bg02UGNI7bru25JPZE5lSuNA8McZw/aBRcorwhSVRiBQ1GbPMQqAimbrNx98r6Qe QLupPSuNmbczUOh9X4gbPoqEeIizf8MtYbMS+LbpeIZWH7rELk3t7o63MerkAIYi yWjXzL8Xn3ylflXUzdRNIJ8QZC+nU7kgib3Ugm4TbC9F5A0w7TiAomb9qnHOP+mW 2HoGje7VZIeGX7rwtCIttW5Z9/LztkhXb/Yk1tzMM3Jo/HWgqoP8dULxian7L8aE DFlrGSbF0OQTDiYGVgGX2uW89Yi/XbX1nP7q0MtBq0D5P7z7yLKfHNyeksX+TFyV kxhUrHY8u3JLvWxWBoRzEH8TOhuoMXRIp/FkDpnnM6dDbwSyQsalGZzWnTqOHSwi sZDFnmuLQDUZQtslb4suSRgdQbu0xnvc+i38jbhoEOcH4xJGZnizRY/97wytq3Jp nBj2G0sRSMNlbcA4rr0zzTT6K/HiBhI9OWn3n76lj7jySFYrIUmPgCNhZy5dV1vx nK0c1WI+oRXn4xT4ekCYQUM/uysgWfeVLr9b2ArwaxMxvc4GiLA713gUgelejl6h 9kT6WndTNP0= =VXI/ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-5998-1 April 05, 2023 apache-log4j1.2 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM Summary: Several security issues were fixed in Apache Log4j. Software Description: - apache-log4j1.2: Java-based open-source logging tool Details: It was discovered that the SocketServer component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-17571) It was discovered that the JMSSink component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-23302) It was discovered that Apache Log4j 1.2 incorrectly handled certain SQL statements. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23305) It was discovered that the Chainsaw component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23307) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: liblog4j1.2-java 1.2.17-9ubuntu0.2 Ubuntu 18.04 LTS: liblog4j1.2-java 1.2.17-8+deb10u1ubuntu0.2 Ubuntu 16.04 ESM: liblog4j1.2-java 1.2.17-7ubuntu1+esm1 In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202402-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Apache Log4j: Multiple Vulnerabilities Date: February 18, 2024 Bugs: #719146 ID: 202402-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Background ========== Log4j is a Java logging framework that supports various use cases with a rich set of components, a separate API, and a performance-optimized implementation. Affected packages ================= Package Vulnerable Unaffected -------------- ------------ ------------ dev-java/log4j <= 1.2.17 Vulnerable! Description =========== Multiple vulnerabilities hav been discovered in Apache Log4j. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== Gentoo has discontinued support for log4j. We recommend that users unmerge it: # emerge --ask --depclean "dev-java/log4j" References ========== [ 1 ] CVE-2019-17571 https://nvd.nist.gov/vuln/detail/CVE-2019-17571 [ 2 ] CVE-2020-9488 https://nvd.nist.gov/vuln/detail/CVE-2020-9488 [ 3 ] CVE-2020-9493 https://nvd.nist.gov/vuln/detail/CVE-2020-9493 [ 4 ] CVE-2022-23302 https://nvd.nist.gov/vuln/detail/CVE-2022-23302 [ 5 ] CVE-2022-23305 https://nvd.nist.gov/vuln/detail/CVE-2022-23305 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202402-16 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 2.43

sources: NVD: CVE-2019-17571 // JVNDB: JVNDB-2019-013606 // VULHUB: VHN-149831 // VULMON: CVE-2019-17571 // PACKETSTORM: 159173 // PACKETSTORM: 165965 // PACKETSTORM: 165943 // PACKETSTORM: 168829 // PACKETSTORM: 167493 // PACKETSTORM: 171759 // PACKETSTORM: 177171

AFFECTED PRODUCTS

vendor:oraclemodel:primavera gatewayscope:gteversion:16.2

Trust: 1.0

vendor:oraclemodel:financial services lending and leasingscope:lteversion:14.8.0

Trust: 1.0

vendor:apachemodel:log4jscope:lteversion:1.2.17

Trust: 1.0

vendor:oraclemodel:primavera gatewayscope:lteversion:17.12.7

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:oraclemodel:financial services lending and leasingscope:eqversion:12.5.0

Trust: 1.0

vendor:oraclemodel:communications network integrityscope:gteversion:7.3.2

Trust: 1.0

vendor:oraclemodel:primavera gatewayscope:gteversion:17.12.0

Trust: 1.0

vendor:oraclemodel:endeca information discovery studioscope:eqversion:3.2.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:oraclemodel:mysql enterprise monitorscope:lteversion:8.0.29

Trust: 1.0

vendor:oraclemodel:retail service backbonescope:eqversion:15.0

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:14.1.1.0.0

Trust: 1.0

vendor:oraclemodel:application testing suitescope:eqversion:13.3.0.1

Trust: 1.0

vendor:oraclemodel:retail extract transform and loadscope:eqversion:19.0

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:12.2.1.3.0

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:12.2.1.4.0

Trust: 1.0

vendor:oraclemodel:rapid planningscope:eqversion:12.2

Trust: 1.0

vendor:oraclemodel:communications network integrityscope:lteversion:7.3.6

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:12.1.3.0.0

Trust: 1.0

vendor:netappmodel:oncommand system managerscope:gteversion:3.0

Trust: 1.0

vendor:oraclemodel:financial services lending and leasingscope:gteversion:14.1.0

Trust: 1.0

vendor:oraclemodel:retail service backbonescope:eqversion:14.1

Trust: 1.0

vendor:oraclemodel:rapid planningscope:eqversion:12.1

Trust: 1.0

vendor:oraclemodel:retail service backbonescope:eqversion:16.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:apachemodel:bookkeeperscope:ltversion:4.14.3

Trust: 1.0

vendor:netappmodel:oncommand system managerscope:lteversion:3.1.3

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:oraclemodel:primavera gatewayscope:lteversion:16.2.11

Trust: 1.0

vendor:netappmodel:oncommand workflow automationscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:10.3.6.0.0

Trust: 1.0

vendor:apachemodel:log4jscope:eqversion:1.2 to 1.2.17

Trust: 0.8

sources: JVNDB: JVNDB-2019-013606 // NVD: CVE-2019-17571

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-17571
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-17571
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201912-950
value: CRITICAL

Trust: 0.6

VULHUB: VHN-149831
value: HIGH

Trust: 0.1

VULMON: CVE-2019-17571
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-17571
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-149831
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-17571
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-17571
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-149831 // VULMON: CVE-2019-17571 // JVNDB: JVNDB-2019-013606 // CNNVD: CNNVD-201912-950 // NVD: CVE-2019-17571

PROBLEMTYPE DATA

problemtype:CWE-502

Trust: 1.9

sources: VULHUB: VHN-149831 // JVNDB: JVNDB-2019-013606 // NVD: CVE-2019-17571

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 177171 // CNNVD: CNNVD-201912-950

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201912-950

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-013606

PATCH

title:[jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571url:https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3Cdev.tika.apache.org%3E

Trust: 0.8

title:[jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571url:https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3Cdev.tika.apache.org%3E

Trust: 0.8

title:[jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]url:https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3Cdev.tika.apache.org%3E

Trust: 0.8

title:[jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]url:https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3Cissues.activemq.apache.org%3E

Trust: 0.8

title:[jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571url:https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3Cissues.activemq.apache.org%3E

Trust: 0.8

title:[CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServerurl:https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E

Trust: 0.8

title:Apache Log4j Fixes for code issue vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=105686

Trust: 0.6

title:Red Hat: Important: log4j security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225053 - Security Advisory

Trust: 0.1

title:Debian Security Advisories: DSA-4686-1 apache-log4j1.2 -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=9b0c6a9bccfd00e69ffdf79166adb985

Trust: 0.1

title:Debian CVElist Bug Report Logs: apache-log4j1.2: CVE-2019-17571url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9b1a2b3bcff03a4370bb153cc1e9d89e

Trust: 0.1

title:Red Hat: Important: Red Hat JBoss Data Virtualization 6.4.8.SP2 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220507 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Red Hat JBoss Data Virtualization 6.4.8.SP1 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220497 - Security Advisory

Trust: 0.1

title:IBM: Security Bulletin: The vanruability (net.sf.ehcache blocking in FasterXML jackson-databind has an unknown impact) found Network Performance Insight (CVE-2019-17571)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=ef95ec07d1eed2c8e39fcac3eda0652d

Trust: 0.1

title:Amazon Linux AMI: ALAS-2022-1562url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1562

Trust: 0.1

title:IBM: Security Bulletin: Vulnerabilities from log4j affect IBM Operations Analytics – Log Analysis (CVE-2019-17571, CVE-2020-9488)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=50fa9043c45905a52ed66dfe1c3ccd01

Trust: 0.1

title:IBM: Security Bulletin: Vulnerabilities in Apache Commons and Log4j affect IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environmentsurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=b53b65c38e4d1ebaa2753d9afd7fa517

Trust: 0.1

title:IBM: Security Bulletin: Due to use of Apache Log4j, IBM QRadar SIEM is vulnerable to arbitrary code execution (CVE-2019-17571, CVE-2021-44832, CVE-2021-4104)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=a0cbd5f5df3a9f322684d99eeb2b9429

Trust: 0.1

title:Hello World for Apache Wicket 6.31.0-SNAPSHOTurl:https://github.com/mahiratan/apache

Trust: 0.1

title:Deprecatedurl:https://github.com/michaeltandy/log4j-json

Trust: 0.1

title:FloreantPOSurl:https://github.com/fat-tire/floreantpos

Trust: 0.1

title:Hello World for Apache Wicket 6.31.0-SNAPSHOTurl:https://github.com/RajuYelagattu/gopi

Trust: 0.1

title:Hello World for Apache Wicket 6.31.0-SNAPSHOTurl:https://github.com/janimakinen/hello-world-apache-wicket

Trust: 0.1

title:Fix-Signature Tracking (FixSigTrack)url:https://github.com/sa-ne/FixSigTrack

Trust: 0.1

title:OPEN HTML TO PDFurl:https://github.com/orgTestCodacy11KRepos110MB/repo-5360-openhtmltopdf

Trust: 0.1

title:Log4j RELP Pluginurl:https://github.com/teragrep/jla_05

Trust: 0.1

title:log4j-scannerurl:https://github.com/bluestoneag/log4j-scanner

Trust: 0.1

title: - url:https://github.com/shadow-horse/CVE-2019-17571

Trust: 0.1

sources: VULMON: CVE-2019-17571 // JVNDB: JVNDB-2019-013606 // CNNVD: CNNVD-201912-950

EXTERNAL IDS

db:NVDid:CVE-2019-17571

Trust: 3.3

db:PACKETSTORMid:159173

Trust: 0.8

db:PACKETSTORMid:167493

Trust: 0.8

db:PACKETSTORMid:165965

Trust: 0.8

db:PACKETSTORMid:165943

Trust: 0.8

db:JVNDBid:JVNDB-2019-013606

Trust: 0.8

db:CNNVDid:CNNVD-201912-950

Trust: 0.7

db:AUSCERTid:ESB-2022.0599

Trust: 0.6

db:AUSCERTid:ESB-2020.3154

Trust: 0.6

db:AUSCERTid:ESB-2020.0120.2

Trust: 0.6

db:AUSCERTid:ESB-2023.2010

Trust: 0.6

db:AUSCERTid:ESB-2020.1427

Trust: 0.6

db:AUSCERTid:ESB-2020.0098

Trust: 0.6

db:AUSCERTid:ESB-2020.0120

Trust: 0.6

db:CS-HELPid:SB2022021415

Trust: 0.6

db:CS-HELPid:SB2022010302

Trust: 0.6

db:CS-HELPid:SB2022021018

Trust: 0.6

db:CS-HELPid:SB2022072128

Trust: 0.6

db:CS-HELPid:SB2022072503

Trust: 0.6

db:CS-HELPid:SB2022012001

Trust: 0.6

db:VULHUBid:VHN-149831

Trust: 0.1

db:VULMONid:CVE-2019-17571

Trust: 0.1

db:PACKETSTORMid:168829

Trust: 0.1

db:PACKETSTORMid:171759

Trust: 0.1

db:PACKETSTORMid:177171

Trust: 0.1

sources: VULHUB: VHN-149831 // VULMON: CVE-2019-17571 // JVNDB: JVNDB-2019-013606 // PACKETSTORM: 159173 // PACKETSTORM: 165965 // PACKETSTORM: 165943 // PACKETSTORM: 168829 // PACKETSTORM: 167493 // PACKETSTORM: 171759 // PACKETSTORM: 177171 // CNNVD: CNNVD-201912-950 // NVD: CVE-2019-17571

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2019-17571

Trust: 2.1

url:https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3cdev.logging.apache.org%3e

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20200110-0001/

Trust: 1.7

url:https://www.debian.org/security/2020/dsa-4686

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2021.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2020.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujul2020.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujul2022.html

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2020/01/msg00008.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00022.html

Trust: 1.7

url:https://usn.ubuntu.com/4495-1/

Trust: 1.7

url:https://lists.apache.org/thread.html/r909b8e3a36913944d3b7bafe9635d4ca84f8f0e2cd146a1784f667c2%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/ra18a903f785aed9403aea38bc6f36844a056283c00dcfc6936b6318c%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3cusers.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r3543ead2317dcd3306f69ee37b07dd383dbba6e2f47ff11eb55879ad%40%3cusers.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/re36da78e4f3955ba6c1c373a2ab85a4deb215ca74b85fcd66142fea1%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r6d34da5a0ca17ab08179a30c971446c7421af0e96f6d60867eabfc52%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r1b7734dfdfd938640f2f5fb6f4231a267145c71ed60cc7faa1cbac07%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r13d4b5c60ff63f3c4fab51d6ff266655be503b8a1884e2f2fab67c3a%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rbc45eb0f53fd6242af3e666c2189464f848a851d408289840cecc6e3%40%3ccommits.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rf53eeefb7e7e524deaacb9f8671cbf01b8a253e865fb94e7656722c0%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r6aec6b8f70167fa325fb98b3b5c9ce0ffaed026e697b69b85ac24628%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r189aaeaad897f7d6b96f7c43a8ef2dfb9f6e9f8c1cc9ad182ce9b9ae%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rdb7ddf28807e27c7801f6e56a0dfb31092d34c61bdd4fa2de9182119%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r3cf50d05ce8cec8c09392624b7bae750e7643dae60ef2438641ee015%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rbdf18e39428b5c80fc35113470198b1fe53b287a76a46b0f8780b5fd%40%3cdev.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r26244f9f7d9a8a27a092eb0b2a0ca9395e88fcde8b5edaeca7ce569c%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r944183c871594fe9a555b8519a7c945bbcf6714d72461aa6c929028f%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/564f03b4e9511fcba29c68fc0299372dadbdb002718fa8edcc4325e4%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3cusers.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/752ec92cd1e334a639e79bfbd689a4ec2c6579ec5bb41b53ffdf358d%40%3cdev.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8890b8f18f1de821595792b58b968a89692a255bc20d86d395270740%40%3ccommits.druid.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8a1cfd4705258c106e488091fcec85f194c82f2bbde6bd151e201870%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r71e26f9c2d5826c6f95ad60f7d052d75e1e70b0d2dd853db6fc26d5f%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r5c084578b3e3b40bd903c9d9e525097421bcd88178e672f612102eb2%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8244fd0831db894d5e89911ded9c72196d395a90ae655414d23ed0dd%40%3cusers.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8c392ca48bb7e50754e4bc05865e9731b23d568d18a520fe3d8c1f75%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3cdev.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rb3c94619728c8f8c176d8e175e0a1086ca737ecdfcd5a2214bb768bc%40%3ccommits.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r356d57d6225f91fdc30f8b0a2bed229d1ece55e16e552878c5fa809a%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r4ac89cbecd9e298ae9fafb5afda6fa77ac75c78d1ac957837e066c4e%40%3cuser.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rc17d8491beee51607693019857e41e769795366b85be00aa2f4b3159%40%3cnotifications.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r6b45a2fcc8e98ac93a179183dbb7f340027bdb8e3ab393418076b153%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rd882ab6b642fe59cbbe94dc02bd197342058208f482e57b537940a4b%40%3cpluto-dev.portals.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3cusers.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rd3a9511eebab60e23f224841390a3f8cd5358cff605c5f7042171e47%40%3cdev.tinkerpop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r90c23eb8c82835fa82df85ae5e88c81fd9241e20a22971b0fb8f2c34%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r05755112a8c164abc1004bb44f198b1e3d8ca3d546a8f13ebd3aa05f%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9d0d03f2e7d9e13c68b530f81d02b0fec33133edcf27330d8089fcfb%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r7f462c69d5ded4c0223e014d95a3496690423c5f6f05c09e2f2a407a%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3cdev.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r2756fd570b6709d55a61831ca028405bcb3e312175a60bc5d911c81f%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/ra9611a8431cb62369bce8909d7645597e1dd45c24b448836b1e54940%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r3bf7b982dfa0779f8a71f843d2aa6b4184a53e6be7f149ee079387fd%40%3cdev.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rf9c19bcc2f7a98a880fa3e3456c003d331812b55836b34ef648063c9%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rbd19de368abf0764e4383ec44d527bc9870176f488a494f09a40500d%40%3ccommon-dev.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rc628307962ae1b8cc2d21b8e4b7dd6d7755b2dd52fa56a151a27e4fd%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9fb3238cfc3222f2392ca6517353aadae18f76866157318ac562e706%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9a9e3b42cd5d1c4536a14ef04f75048dec8e2740ac6a138ea912177f%40%3cpluto-dev.portals.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rd7805c1bf9388968508c6c8f84588773216e560055ddcc813d19f347%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3cdev.mina.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573%40%3ccommits.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177%40%3ccommits.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3cusers.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8c6300245c0bcef095e9f07b48157e2c6471df0816db3408fcf1d748%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/reaf6b996f74f12b4557bc221abe88f58270ac583942fa41293c61f94%40%3cpluto-scm.portals.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rfdf65fa675c64a64459817344e0e6c44d51ee264beea6e5851fb60dc%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r7a1acc95373105169bd44df710c2f462cad31fb805364d2958a5ee03%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3cusers.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/ra54fa49be3e773d99ccc9c2a422311cf77e3ecd3b8594ee93043a6b1%40%3cdev.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8%40%3ccommits.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rf1b434e11834a4449cd7addb69ed0aef0923112b5938182b363a968c%40%3cnotifications.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rda4849c6823dd3e83c7a356eb883180811d5c28359fe46865fd151c3%40%3cusers.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8418a0dff1729f19cf1024937e23a2db4c0f94f2794a423f5c10e8e7%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r6236b5f8646d48af8b66d5050f288304016840788e508c883356fe0e%40%3clog4j-user.logging.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9d2e28e71f91ba0b6f4114c8ecd96e2b1f7e0d06bdf8eb768c183aa9%40%3ccommon-issues.hadoop.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r48efc7cb5aeb4e1f67aaa06fb4b5479a5635d12f07d0b93fc2d08809%40%3ccommits.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r3c575cabc7386e646fb12cb82b0b38ae5a6ade8a800f827107824495%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rcd71280585425dad7e232f239c5709e425efdd0d3de4a92f808a4767%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r594411f4bddebaf48a4c70266d0b7849e0d82bb72826f61b3a35bba7%40%3cissues.bookkeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d%40%3cdev.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3cdev.tika.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rec34b1cccf907898e7cb36051ffac3ccf1ea89d0b261a2a3b3fb267f%40%3ccommits.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rd6254837403e8cbfc7018baa9be29705f3f06bd007c83708f9a97679%40%3cissues.zookeeper.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3cissues.activemq.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r696507338dd5f44efc23d98cafe30f217cf3ba78e77ed1324c7a5179%40%3cjira.kafka.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rf77f79699c8d7e430c14cf480f12ed1297e6e8cf2ed379a425941e80%40%3cpluto-dev.portals.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3ccommits.pulsar.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8d78a0fbb56d505461e29868d1026e98c402e6a568c13a6da67896a2%40%3cdev.jena.apache.org%3e

Trust: 1.0

url:https://access.redhat.com/security/cve/cve-2019-17571

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17571

Trust: 0.8

url:https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3cissues.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r3543ead2317dcd3306f69ee37b07dd383dbba6e2f47ff11eb55879ad@%3cusers.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r8244fd0831db894d5e89911ded9c72196d395a90ae655414d23ed0dd@%3cusers.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882@%3cusers.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328@%3cusers.activemq.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rb3c94619728c8f8c176d8e175e0a1086ca737ecdfcd5a2214bb768bc@%3ccommits.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/re36da78e4f3955ba6c1c373a2ab85a4deb215ca74b85fcd66142fea1@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r594411f4bddebaf48a4c70266d0b7849e0d82bb72826f61b3a35bba7@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r6d34da5a0ca17ab08179a30c971446c7421af0e96f6d60867eabfc52@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rdb7ddf28807e27c7801f6e56a0dfb31092d34c61bdd4fa2de9182119@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/ra18a903f785aed9403aea38bc6f36844a056283c00dcfc6936b6318c@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rf53eeefb7e7e524deaacb9f8671cbf01b8a253e865fb94e7656722c0@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r90c23eb8c82835fa82df85ae5e88c81fd9241e20a22971b0fb8f2c34@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rfdf65fa675c64a64459817344e0e6c44d51ee264beea6e5851fb60dc@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r8418a0dff1729f19cf1024937e23a2db4c0f94f2794a423f5c10e8e7@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/ra9611a8431cb62369bce8909d7645597e1dd45c24b448836b1e54940@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rcd71280585425dad7e232f239c5709e425efdd0d3de4a92f808a4767@%3cissues.bookkeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r8890b8f18f1de821595792b58b968a89692a255bc20d86d395270740@%3ccommits.druid.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rbd19de368abf0764e4383ec44d527bc9870176f488a494f09a40500d@%3ccommon-dev.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r26244f9f7d9a8a27a092eb0b2a0ca9395e88fcde8b5edaeca7ce569c@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r9fb3238cfc3222f2392ca6517353aadae18f76866157318ac562e706@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r8c6300245c0bcef095e9f07b48157e2c6471df0816db3408fcf1d748@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r6b45a2fcc8e98ac93a179183dbb7f340027bdb8e3ab393418076b153@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r8c392ca48bb7e50754e4bc05865e9731b23d568d18a520fe3d8c1f75@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r13d4b5c60ff63f3c4fab51d6ff266655be503b8a1884e2f2fab67c3a@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rd7805c1bf9388968508c6c8f84588773216e560055ddcc813d19f347@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r1b7734dfdfd938640f2f5fb6f4231a267145c71ed60cc7faa1cbac07@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r9d2e28e71f91ba0b6f4114c8ecd96e2b1f7e0d06bdf8eb768c183aa9@%3ccommon-issues.hadoop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r8d78a0fbb56d505461e29868d1026e98c402e6a568c13a6da67896a2@%3cdev.jena.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/752ec92cd1e334a639e79bfbd689a4ec2c6579ec5bb41b53ffdf358d@%3cdev.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r3bf7b982dfa0779f8a71f843d2aa6b4184a53e6be7f149ee079387fd@%3cdev.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3cdev.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3cdev.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/564f03b4e9511fcba29c68fc0299372dadbdb002718fa8edcc4325e4@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r2756fd570b6709d55a61831ca028405bcb3e312175a60bc5d911c81f@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r3c575cabc7386e646fb12cb82b0b38ae5a6ade8a800f827107824495@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r189aaeaad897f7d6b96f7c43a8ef2dfb9f6e9f8c1cc9ad182ce9b9ae@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r8a1cfd4705258c106e488091fcec85f194c82f2bbde6bd151e201870@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r696507338dd5f44efc23d98cafe30f217cf3ba78e77ed1324c7a5179@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rf9c19bcc2f7a98a880fa3e3456c003d331812b55836b34ef648063c9@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r71e26f9c2d5826c6f95ad60f7d052d75e1e70b0d2dd853db6fc26d5f@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r7f462c69d5ded4c0223e014d95a3496690423c5f6f05c09e2f2a407a@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r7a1acc95373105169bd44df710c2f462cad31fb805364d2958a5ee03@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r5c084578b3e3b40bd903c9d9e525097421bcd88178e672f612102eb2@%3cjira.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rda4849c6823dd3e83c7a356eb883180811d5c28359fe46865fd151c3@%3cusers.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3cusers.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3cusers.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3cusers.kafka.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r6236b5f8646d48af8b66d5050f288304016840788e508c883356fe0e@%3clog4j-user.logging.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3cdev.mina.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r9a9e3b42cd5d1c4536a14ef04f75048dec8e2740ac6a138ea912177f@%3cpluto-dev.portals.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rf77f79699c8d7e430c14cf480f12ed1297e6e8cf2ed379a425941e80@%3cpluto-dev.portals.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rd882ab6b642fe59cbbe94dc02bd197342058208f482e57b537940a4b@%3cpluto-dev.portals.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/reaf6b996f74f12b4557bc221abe88f58270ac583942fa41293c61f94@%3cpluto-scm.portals.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3ccommits.pulsar.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3cdev.tika.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rd3a9511eebab60e23f224841390a3f8cd5358cff605c5f7042171e47@%3cdev.tinkerpop.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3ccommits.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3ccommits.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3ccommits.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rec34b1cccf907898e7cb36051ffac3ccf1ea89d0b261a2a3b3fb267f@%3ccommits.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r48efc7cb5aeb4e1f67aaa06fb4b5479a5635d12f07d0b93fc2d08809@%3ccommits.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rbc45eb0f53fd6242af3e666c2189464f848a851d408289840cecc6e3@%3ccommits.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rbdf18e39428b5c80fc35113470198b1fe53b287a76a46b0f8780b5fd@%3cdev.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3cdev.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/ra54fa49be3e773d99ccc9c2a422311cf77e3ecd3b8594ee93043a6b1@%3cdev.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r05755112a8c164abc1004bb44f198b1e3d8ca3d546a8f13ebd3aa05f@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r944183c871594fe9a555b8519a7c945bbcf6714d72461aa6c929028f@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r6aec6b8f70167fa325fb98b3b5c9ce0ffaed026e697b69b85ac24628@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r356d57d6225f91fdc30f8b0a2bed229d1ece55e16e552878c5fa809a@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rc628307962ae1b8cc2d21b8e4b7dd6d7755b2dd52fa56a151a27e4fd@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rd6254837403e8cbfc7018baa9be29705f3f06bd007c83708f9a97679@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r909b8e3a36913944d3b7bafe9635d4ca84f8f0e2cd146a1784f667c2@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r9d0d03f2e7d9e13c68b530f81d02b0fec33133edcf27330d8089fcfb@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r3cf50d05ce8cec8c09392624b7bae750e7643dae60ef2438641ee015@%3cissues.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rf1b434e11834a4449cd7addb69ed0aef0923112b5938182b363a968c@%3cnotifications.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/rc17d8491beee51607693019857e41e769795366b85be00aa2f4b3159@%3cnotifications.zookeeper.apache.org%3e

Trust: 0.7

url:https://lists.apache.org/thread.html/r4ac89cbecd9e298ae9fafb5afda6fa77ac75c78d1ac957837e066c4e@%3cuser.zookeeper.apache.org%3e

Trust: 0.7

url:https://www.debian.org/lts/security/2020/dla-2064

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2020/suse-su-202014267-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2020/suse-su-20200053-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2020/suse-su-20200054-1.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-3/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.2010

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-for-manufacturing-2-0-is-affected-by-vulnerabilities-of-log4j-1-2-17-log4j-deserialization-remote-code-execution-cve-2019-17571/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1427/

Trust: 0.6

url:https://packetstormsecurity.com/files/165965/red-hat-security-advisory-2022-0507-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0120.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0098/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-warehouse-has-released-a-fix-in-response-to-multiple-vulnerabilities-found-in-ibm-db2/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-db2-that-affect-the-ibm-performance-management-product/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0120/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache-commons-and-log4j-affect-ibm-spectrum-protect-backup-archive-client-and-ibm-spectrum-protect-for-virtual-environments-3/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-netcool-impact-is-affected-by-an-apache-log4j-vulnerability-cve-2019-17571/

Trust: 0.6

url:https://packetstormsecurity.com/files/159173/ubuntu-security-notice-usn-4495-1.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-the-vanruability-net-sf-ehcache-blocking-in-fasterxml-jackson-databind-has-an-unknown-impact-found-network-performance-insight-cve-2019-17571/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072503

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072128

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6519984

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0599

Trust: 0.6

url:https://packetstormsecurity.com/files/167493/red-hat-security-advisory-2022-5053-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-2/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-websphere-application-server-liberty-ibm-java-runtime-log4j-and-apache-commons-affect-ibm-spectrum-protect-snapshot-for-vmware/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-log4j-affects-ibm-lks-art-agent/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-found-in-apache-log4j-v1-x-may-affect-ibm-enterprise-records/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021018

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021415

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerability-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2019-17571/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-publicly-disclosed-vulnerability/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apache-log4j-1-2-code-execution-via-socket-server-deserialization-31193

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022012001

Trust: 0.6

url:https://packetstormsecurity.com/files/165943/red-hat-security-advisory-2022-0497-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022010302

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3154/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-23302

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-23305

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9488

Trust: 0.3

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-23307

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://bugzilla.redhat.com/):

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-9488

Trust: 0.2

url:https://access.redhat.com/site/solutions/625683)

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-23307

Trust: 0.2

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=data.services.platform&downloadtype=securitypatches&version=6.4

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-4104

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-4104

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-23305

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-23302

Trust: 0.2

url:https://access.redhat.com/documentation/en-us/red_hat_jboss_data_virtualization/6.4/html/release_notes/

Trust: 0.2

url:https://usn.ubuntu.com/4495-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/apache-log4j1.2/1.2.17-8+deb10u1build0.18.04.1

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0507

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0497

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://security-tracker.debian.org/tracker/apache-log4j1.2

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5053

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5998-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/apache-log4j1.2/1.2.17-9ubuntu0.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/apache-log4j1.2/1.2.17-8+deb10u1ubuntu0.2

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://security.gentoo.org/glsa/202402-16

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9493

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

sources: VULHUB: VHN-149831 // JVNDB: JVNDB-2019-013606 // PACKETSTORM: 159173 // PACKETSTORM: 165965 // PACKETSTORM: 165943 // PACKETSTORM: 168829 // PACKETSTORM: 167493 // PACKETSTORM: 171759 // PACKETSTORM: 177171 // CNNVD: CNNVD-201912-950 // NVD: CVE-2019-17571

CREDITS

Ubuntu

Trust: 0.8

sources: PACKETSTORM: 159173 // PACKETSTORM: 171759 // CNNVD: CNNVD-201912-950

SOURCES

db:VULHUBid:VHN-149831
db:VULMONid:CVE-2019-17571
db:JVNDBid:JVNDB-2019-013606
db:PACKETSTORMid:159173
db:PACKETSTORMid:165965
db:PACKETSTORMid:165943
db:PACKETSTORMid:168829
db:PACKETSTORMid:167493
db:PACKETSTORMid:171759
db:PACKETSTORMid:177171
db:CNNVDid:CNNVD-201912-950
db:NVDid:CVE-2019-17571

LAST UPDATE DATE

2024-11-23T21:01:39.058000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-149831date:2022-12-14T00:00:00
db:VULMONid:CVE-2019-17571date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2019-013606date:2020-01-10T00:00:00
db:CNNVDid:CNNVD-201912-950date:2023-04-07T00:00:00
db:NVDid:CVE-2019-17571date:2024-11-21T04:32:33.393

SOURCES RELEASE DATE

db:VULHUBid:VHN-149831date:2019-12-20T00:00:00
db:VULMONid:CVE-2019-17571date:2019-12-20T00:00:00
db:JVNDBid:JVNDB-2019-013606date:2020-01-10T00:00:00
db:PACKETSTORMid:159173date:2020-09-15T17:05:37
db:PACKETSTORMid:165965date:2022-02-11T15:46:06
db:PACKETSTORMid:165943date:2022-02-10T16:17:02
db:PACKETSTORMid:168829date:2020-05-28T19:12:00
db:PACKETSTORMid:167493date:2022-06-20T00:19:05
db:PACKETSTORMid:171759date:2023-04-06T14:37:27
db:PACKETSTORMid:177171date:2024-02-19T14:10:03
db:CNNVDid:CNNVD-201912-950date:2019-12-19T00:00:00
db:NVDid:CVE-2019-17571date:2019-12-20T17:15:11.893