Details of VAR-201912-0889

ID

VAR-201912-0889

CVE

CVE-2019-17571

TITLE

Log4j Vulnerable to unreliable data deserialization

Trust: 0.8

sources: JVNDB: JVNDB-2019-013606

DESCRIPTION

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. Log4j Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. (CVE-2019-17571) A flaw was found in the Java logging library Apache Log4j in version 1.x. This allows a remote malicious user to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker's JNDI LDAP endpoint. (CVE-2021-4104). Description: Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This Service Pack release of Red Hat JBoss Data Virtualization 6.4.8.SP1 (Service Pack 1) serves as a replacement for Red Hat JBoss Data Virtualization 6.4.8, and mitigates the impact of the log4j CVE's referenced in this document by removing the affected classes from the patch. Solution: Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. The References section of this erratum contains a download link (you must log in to download the update). Bugs fixed (https://bugzilla.redhat.com/): 1785616 - CVE-2019-17571 log4j: deserialization of untrusted data in SocketServer 1831139 - CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender 2031667 - CVE-2021-4104 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender 2041949 - CVE-2022-23302 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink 2041959 - CVE-2022-23305 log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender 2041967 - CVE-2022-23307 log4j: Unsafe deserialization flaw in Chainsaw log viewer 5. For the oldstable distribution (stretch), this problem has been fixed in version 1.2.17-7+deb9u1. For the stable distribution (buster), this problem has been fixed in version 1.2.17-8+deb10u1. We recommend that you upgrade your apache-log4j1.2 packages. For the detailed security status of apache-log4j1.2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache-log4j1.2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl6/FH1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RAJQ/9HLo721J7x4kWxFiWIP0Ui1xl8ZM6MBhA8qYfUD4DxKoHHfvYEq6Q7TTD +FlTX5rRrjvgHF+MgxG1XDHtwv7XWhczEiHzZKHLCX3CsG+AL+CMmGoVqBtKEncC FGYbVCSKYzxM8LaX2G1EyCzT2zfGZvPT5nFT7zAV0Ge6vpvWklF0s168h4pbG9hE cF6aPqAlWMy5pLVRI+3XE1og4MECjqXB9a7HSWlHfur6NSnQlrHhWOCDJBw5zpPu AKEfW5GvBaCdxdat1xTFqCu6h5387dtNsBlRrefp9q+fcrGj2Z351Lv7ccG5Co8T e/7iNyABu2fmi8x4WFQwS3PY4AsM/2sa+KHfXnttSXcQniXAccg6S1eCaWVqdNfZ 3LPmeBC5gX3UqDNZTVv+kvHvv7EsD1/6bMeVZlKQZkYAeysbLWdjkA+88f6kaVwD qv6mWCGo5k7ZoWCUKD1Zjz8VwBT4EI/2II5D93QgblVkHDX9CESfipIjJBJp7aJ7 wS2kvdXOko3JDaJbScpGmCnjCb5NhJ1KiBZSzXYHv3uhoqlI5QvYvC1bFHqC2GnT cF4syuMELN6nZ/Yoz8sJiT4Ilppz98vLerHbJoJZIPEOh15k8UKaFkdt5CpI8MGK 4+sL2iWyTtCjGYGuhDkk0KyLcqijybv282VIkXDtAetpi8MTdsE= =eH9L -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: log4j security update Advisory ID: RHSA-2022:5053-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5053 Issue date: 2022-06-15 CVE Names: CVE-2019-17571 ===================================================================== 1. Summary: An update for log4j is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 6 ELS) - i386, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64 3. Description: Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix(es): * log4j: deserialization of untrusted data in SocketServer (CVE-2019-17571) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Server (v. 6 ELS): Source: log4j-1.2.14-6.7.el6_10.src.rpm i386: log4j-1.2.14-6.7.el6_10.i686.rpm log4j-debuginfo-1.2.14-6.7.el6_10.i686.rpm s390x: log4j-1.2.14-6.7.el6_10.s390x.rpm log4j-debuginfo-1.2.14-6.7.el6_10.s390x.rpm x86_64: log4j-1.2.14-6.7.el6_10.x86_64.rpm log4j-debuginfo-1.2.14-6.7.el6_10.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6 ELS): i386: log4j-debuginfo-1.2.14-6.7.el6_10.i686.rpm log4j-javadoc-1.2.14-6.7.el6_10.i686.rpm log4j-manual-1.2.14-6.7.el6_10.i686.rpm s390x: log4j-debuginfo-1.2.14-6.7.el6_10.s390x.rpm log4j-javadoc-1.2.14-6.7.el6_10.s390x.rpm log4j-manual-1.2.14-6.7.el6_10.s390x.rpm x86_64: log4j-debuginfo-1.2.14-6.7.el6_10.x86_64.rpm log4j-javadoc-1.2.14-6.7.el6_10.x86_64.rpm log4j-manual-1.2.14-6.7.el6_10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-17571 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYqnJeNzjgjWX9erEAQgGiQ/8DiTAwAZPNPQlrV5ItJ3I3AxT4ruBA995 bPYquIN3zX0afhrGRMWTs/aD/4vYkbUtLA5QzqYlE1dsbleGHcAbxmSfY+wE8tE7 Bg02UGNI7bru25JPZE5lSuNA8McZw/aBRcorwhSVRiBQ1GbPMQqAimbrNx98r6Qe QLupPSuNmbczUOh9X4gbPoqEeIizf8MtYbMS+LbpeIZWH7rELk3t7o63MerkAIYi yWjXzL8Xn3ylflXUzdRNIJ8QZC+nU7kgib3Ugm4TbC9F5A0w7TiAomb9qnHOP+mW 2HoGje7VZIeGX7rwtCIttW5Z9/LztkhXb/Yk1tzMM3Jo/HWgqoP8dULxian7L8aE DFlrGSbF0OQTDiYGVgGX2uW89Yi/XbX1nP7q0MtBq0D5P7z7yLKfHNyeksX+TFyV kxhUrHY8u3JLvWxWBoRzEH8TOhuoMXRIp/FkDpnnM6dDbwSyQsalGZzWnTqOHSwi sZDFnmuLQDUZQtslb4suSRgdQbu0xnvc+i38jbhoEOcH4xJGZnizRY/97wytq3Jp nBj2G0sRSMNlbcA4rr0zzTT6K/HiBhI9OWn3n76lj7jySFYrIUmPgCNhZy5dV1vx nK0c1WI+oRXn4xT4ekCYQUM/uysgWfeVLr9b2ArwaxMxvc4GiLA713gUgelejl6h 9kT6WndTNP0= =VXI/ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-5998-1 April 05, 2023 apache-log4j1.2 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM Summary: Several security issues were fixed in Apache Log4j. Software Description: - apache-log4j1.2: Java-based open-source logging tool Details: It was discovered that the SocketServer component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-17571) It was discovered that the JMSSink component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-23302) It was discovered that Apache Log4j 1.2 incorrectly handled certain SQL statements. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23305) It was discovered that the Chainsaw component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23307) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: liblog4j1.2-java 1.2.17-9ubuntu0.2 Ubuntu 18.04 LTS: liblog4j1.2-java 1.2.17-8+deb10u1ubuntu0.2 Ubuntu 16.04 ESM: liblog4j1.2-java 1.2.17-7ubuntu1+esm1 In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202402-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Apache Log4j: Multiple Vulnerabilities Date: February 18, 2024 Bugs: #719146 ID: 202402-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Background ========== Log4j is a Java logging framework that supports various use cases with a rich set of components, a separate API, and a performance-optimized implementation. Affected packages ================= Package Vulnerable Unaffected -------------- ------------ ------------ dev-java/log4j <= 1.2.17 Vulnerable! Description =========== Multiple vulnerabilities hav been discovered in Apache Log4j. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== Gentoo has discontinued support for log4j. We recommend that users unmerge it: # emerge --ask --depclean "dev-java/log4j" References ========== [ 1 ] CVE-2019-17571 https://nvd.nist.gov/vuln/detail/CVE-2019-17571 [ 2 ] CVE-2020-9488 https://nvd.nist.gov/vuln/detail/CVE-2020-9488 [ 3 ] CVE-2020-9493 https://nvd.nist.gov/vuln/detail/CVE-2020-9493 [ 4 ] CVE-2022-23302 https://nvd.nist.gov/vuln/detail/CVE-2022-23302 [ 5 ] CVE-2022-23305 https://nvd.nist.gov/vuln/detail/CVE-2022-23305 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202402-16 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 2.43

sources: NVD: CVE-2019-17571 // JVNDB: JVNDB-2019-013606 // VULHUB: VHN-149831 // VULMON: CVE-2019-17571 // PACKETSTORM: 159173 // PACKETSTORM: 165965 // PACKETSTORM: 165943 // PACKETSTORM: 168829 // PACKETSTORM: 167493 // PACKETSTORM: 171759 // PACKETSTORM: 177171

AFFECTED PRODUCTS

vendor:	opensuse	model:	leap	scope:	eq	version:	15.1	Trust: 1.0
vendor:	netapp	model:	oncommand system manager	scope:	lte	version:	3.1.3	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	oracle	model:	communications network integrity	scope:	lte	version:	7.3.6	Trust: 1.0
vendor:	apache	model:	log4j	scope:	lte	version:	1.2.17	Trust: 1.0
vendor:	oracle	model:	primavera gateway	scope:	gte	version:	16.2	Trust: 1.0
vendor:	oracle	model:	rapid planning	scope:	eq	version:	12.1	Trust: 1.0
vendor:	oracle	model:	financial services lending and leasing	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	oracle	model:	primavera gateway	scope:	lte	version:	16.2.11	Trust: 1.0
vendor:	oracle	model:	primavera gateway	scope:	gte	version:	17.12.0	Trust: 1.0
vendor:	oracle	model:	weblogic server	scope:	eq	version:	12.1.3.0.0	Trust: 1.0
vendor:	oracle	model:	retail service backbone	scope:	eq	version:	15.0	Trust: 1.0
vendor:	apache	model:	bookkeeper	scope:	lt	version:	4.14.3	Trust: 1.0
vendor:	oracle	model:	retail extract transform and load	scope:	eq	version:	19.0	Trust: 1.0
vendor:	oracle	model:	endeca information discovery studio	scope:	eq	version:	3.2.0	Trust: 1.0
vendor:	oracle	model:	primavera gateway	scope:	lte	version:	17.12.7	Trust: 1.0
vendor:	oracle	model:	weblogic server	scope:	eq	version:	12.2.1.3.0	Trust: 1.0
vendor:	oracle	model:	rapid planning	scope:	eq	version:	12.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	netapp	model:	oncommand workflow automation	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	weblogic server	scope:	eq	version:	12.2.1.4.0	Trust: 1.0
vendor:	oracle	model:	communications network integrity	scope:	gte	version:	7.3.2	Trust: 1.0
vendor:	oracle	model:	retail service backbone	scope:	eq	version:	14.1	Trust: 1.0
vendor:	netapp	model:	oncommand system manager	scope:	gte	version:	3.0	Trust: 1.0
vendor:	oracle	model:	weblogic server	scope:	eq	version:	10.3.6.0.0	Trust: 1.0
vendor:	oracle	model:	financial services lending and leasing	scope:	lte	version:	14.8.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	oracle	model:	retail service backbone	scope:	eq	version:	16.0	Trust: 1.0
vendor:	oracle	model:	weblogic server	scope:	eq	version:	14.1.1.0.0	Trust: 1.0
vendor:	oracle	model:	mysql enterprise monitor	scope:	lte	version:	8.0.29	Trust: 1.0
vendor:	oracle	model:	application testing suite	scope:	eq	version:	13.3.0.1	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	oracle	model:	financial services lending and leasing	scope:	eq	version:	12.5.0	Trust: 1.0
vendor:	apache	model:	log4j	scope:	eq	version:	1.2 to 1.2.17	Trust: 0.8

sources: JVNDB: JVNDB-2019-013606 // NVD: CVE-2019-17571

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-17571
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2019-17571
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201912-950
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-149831
value:	HIGH
Trust: 0.1
VULMON:	CVE-2019-17571
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-17571
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-149831
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-17571
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2019-17571
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-149831 // VULMON: CVE-2019-17571 // JVNDB: JVNDB-2019-013606 // CNNVD: CNNVD-201912-950 // NVD: CVE-2019-17571

PROBLEMTYPE DATA

problemtype:

CWE-502

Trust: 1.9

sources: VULHUB: VHN-149831 // JVNDB: JVNDB-2019-013606 // NVD: CVE-2019-17571

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 177171 // CNNVD: CNNVD-201912-950

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201912-950

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-013606

PATCH

title:	[jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571	url:	https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3Cdev.tika.apache.org%3E	Trust: 0.8
title:	[jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571	url:	https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3Cdev.tika.apache.org%3E	Trust: 0.8
title:	[jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]	url:	https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3Cdev.tika.apache.org%3E	Trust: 0.8
title:	[jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]	url:	https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3Cissues.activemq.apache.org%3E	Trust: 0.8
title:	[jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571	url:	https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3Cissues.activemq.apache.org%3E	Trust: 0.8
title:	[CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer	url:	https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E	Trust: 0.8
title:	Apache Log4j Fixes for code issue vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=105686	Trust: 0.6
title:	Red Hat: Important: log4j security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225053 - Security Advisory	Trust: 0.1
title:	Debian Security Advisories: DSA-4686-1 apache-log4j1.2 -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=9b0c6a9bccfd00e69ffdf79166adb985	Trust: 0.1
title:	Debian CVElist Bug Report Logs: apache-log4j1.2: CVE-2019-17571	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9b1a2b3bcff03a4370bb153cc1e9d89e	Trust: 0.1
title:	Red Hat: Important: Red Hat JBoss Data Virtualization 6.4.8.SP2 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220507 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Red Hat JBoss Data Virtualization 6.4.8.SP1 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220497 - Security Advisory	Trust: 0.1
title:	IBM: Security Bulletin: The vanruability (net.sf.ehcache blocking in FasterXML jackson-databind has an unknown impact) found Network Performance Insight (CVE-2019-17571)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=ef95ec07d1eed2c8e39fcac3eda0652d	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2022-1562	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1562	Trust: 0.1
title:	IBM: Security Bulletin: Vulnerabilities from log4j affect IBM Operations Analytics â€“ Log Analysis (CVE-2019-17571, CVE-2020-9488)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=50fa9043c45905a52ed66dfe1c3ccd01	Trust: 0.1
title:	IBM: Security Bulletin: Vulnerabilities in Apache Commons and Log4j affect IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=b53b65c38e4d1ebaa2753d9afd7fa517	Trust: 0.1
title:	IBM: Security Bulletin: Due to use of Apache Log4j, IBM QRadar SIEM is vulnerable to arbitrary code execution (CVE-2019-17571, CVE-2021-44832, CVE-2021-4104)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=a0cbd5f5df3a9f322684d99eeb2b9429	Trust: 0.1
title:	Hello World for Apache Wicket 6.31.0-SNAPSHOT	url:	https://github.com/mahiratan/apache	Trust: 0.1
title:	Deprecated	url:	https://github.com/michaeltandy/log4j-json	Trust: 0.1
title:	FloreantPOS	url:	https://github.com/fat-tire/floreantpos	Trust: 0.1
title:	Hello World for Apache Wicket 6.31.0-SNAPSHOT	url:	https://github.com/RajuYelagattu/gopi	Trust: 0.1
title:	Hello World for Apache Wicket 6.31.0-SNAPSHOT	url:	https://github.com/janimakinen/hello-world-apache-wicket	Trust: 0.1
title:	Fix-Signature Tracking (FixSigTrack)	url:	https://github.com/sa-ne/FixSigTrack	Trust: 0.1
title:	OPEN HTML TO PDF	url:	https://github.com/orgTestCodacy11KRepos110MB/repo-5360-openhtmltopdf	Trust: 0.1
title:	Log4j RELP Plugin	url:	https://github.com/teragrep/jla_05	Trust: 0.1
title:	log4j-scanner	url:	https://github.com/bluestoneag/log4j-scanner	Trust: 0.1
title:	-	url:	https://github.com/shadow-horse/CVE-2019-17571	Trust: 0.1

sources: VULMON: CVE-2019-17571 // JVNDB: JVNDB-2019-013606 // CNNVD: CNNVD-201912-950

EXTERNAL IDS

db:	NVD	id:	CVE-2019-17571	Trust: 3.3
db:	PACKETSTORM	id:	159173	Trust: 0.8
db:	PACKETSTORM	id:	167493	Trust: 0.8
db:	PACKETSTORM	id:	165965	Trust: 0.8
db:	PACKETSTORM	id:	165943	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-013606	Trust: 0.8
db:	CNNVD	id:	CNNVD-201912-950	Trust: 0.7
db:	AUSCERT	id:	ESB-2022.0599	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.3154	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0120.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.2010	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1427	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0098	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0120	Trust: 0.6
db:	CS-HELP	id:	SB2022021415	Trust: 0.6
db:	CS-HELP	id:	SB2022010302	Trust: 0.6
db:	CS-HELP	id:	SB2022021018	Trust: 0.6
db:	CS-HELP	id:	SB2022072128	Trust: 0.6
db:	CS-HELP	id:	SB2022072503	Trust: 0.6
db:	CS-HELP	id:	SB2022012001	Trust: 0.6
db:	VULHUB	id:	VHN-149831	Trust: 0.1
db:	VULMON	id:	CVE-2019-17571	Trust: 0.1
db:	PACKETSTORM	id:	168829	Trust: 0.1
db:	PACKETSTORM	id:	171759	Trust: 0.1
db:	PACKETSTORM	id:	177171	Trust: 0.1

sources: VULHUB: VHN-149831 // VULMON: CVE-2019-17571 // JVNDB: JVNDB-2019-013606 // PACKETSTORM: 159173 // PACKETSTORM: 165965 // PACKETSTORM: 165943 // PACKETSTORM: 168829 // PACKETSTORM: 167493 // PACKETSTORM: 171759 // PACKETSTORM: 177171 // CNNVD: CNNVD-201912-950 // NVD: CVE-2019-17571

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2019-17571	Trust: 2.1
url:	https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3cdev.logging.apache.org%3e	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20200110-0001/	Trust: 1.7
url:	https://www.debian.org/security/2020/dsa-4686	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpuapr2021.html	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpuapr2020.html	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpuapr2022.html	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpujul2020.html	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpujul2022.html	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2020/01/msg00008.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00022.html	Trust: 1.7
url:	https://usn.ubuntu.com/4495-1/	Trust: 1.7
url:	https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/564f03b4e9511fcba29c68fc0299372dadbdb002718fa8edcc4325e4%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/752ec92cd1e334a639e79bfbd689a4ec2c6579ec5bb41b53ffdf358d%40%3cdev.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r05755112a8c164abc1004bb44f198b1e3d8ca3d546a8f13ebd3aa05f%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d%40%3cdev.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r13d4b5c60ff63f3c4fab51d6ff266655be503b8a1884e2f2fab67c3a%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r189aaeaad897f7d6b96f7c43a8ef2dfb9f6e9f8c1cc9ad182ce9b9ae%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r1b7734dfdfd938640f2f5fb6f4231a267145c71ed60cc7faa1cbac07%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r26244f9f7d9a8a27a092eb0b2a0ca9395e88fcde8b5edaeca7ce569c%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3cusers.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r2756fd570b6709d55a61831ca028405bcb3e312175a60bc5d911c81f%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r3543ead2317dcd3306f69ee37b07dd383dbba6e2f47ff11eb55879ad%40%3cusers.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r356d57d6225f91fdc30f8b0a2bed229d1ece55e16e552878c5fa809a%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r3bf7b982dfa0779f8a71f843d2aa6b4184a53e6be7f149ee079387fd%40%3cdev.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r3c575cabc7386e646fb12cb82b0b38ae5a6ade8a800f827107824495%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r3cf50d05ce8cec8c09392624b7bae750e7643dae60ef2438641ee015%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8%40%3ccommits.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r48efc7cb5aeb4e1f67aaa06fb4b5479a5635d12f07d0b93fc2d08809%40%3ccommits.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r4ac89cbecd9e298ae9fafb5afda6fa77ac75c78d1ac957837e066c4e%40%3cuser.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3cusers.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r594411f4bddebaf48a4c70266d0b7849e0d82bb72826f61b3a35bba7%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r5c084578b3e3b40bd903c9d9e525097421bcd88178e672f612102eb2%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3cdev.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3cusers.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r6236b5f8646d48af8b66d5050f288304016840788e508c883356fe0e%40%3clog4j-user.logging.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r696507338dd5f44efc23d98cafe30f217cf3ba78e77ed1324c7a5179%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r6aec6b8f70167fa325fb98b3b5c9ce0ffaed026e697b69b85ac24628%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r6b45a2fcc8e98ac93a179183dbb7f340027bdb8e3ab393418076b153%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r6d34da5a0ca17ab08179a30c971446c7421af0e96f6d60867eabfc52%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r71e26f9c2d5826c6f95ad60f7d052d75e1e70b0d2dd853db6fc26d5f%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r7a1acc95373105169bd44df710c2f462cad31fb805364d2958a5ee03%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r7f462c69d5ded4c0223e014d95a3496690423c5f6f05c09e2f2a407a%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8244fd0831db894d5e89911ded9c72196d395a90ae655414d23ed0dd%40%3cusers.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8418a0dff1729f19cf1024937e23a2db4c0f94f2794a423f5c10e8e7%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8890b8f18f1de821595792b58b968a89692a255bc20d86d395270740%40%3ccommits.druid.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8a1cfd4705258c106e488091fcec85f194c82f2bbde6bd151e201870%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8c392ca48bb7e50754e4bc05865e9731b23d568d18a520fe3d8c1f75%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8c6300245c0bcef095e9f07b48157e2c6471df0816db3408fcf1d748%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8d78a0fbb56d505461e29868d1026e98c402e6a568c13a6da67896a2%40%3cdev.jena.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177%40%3ccommits.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r909b8e3a36913944d3b7bafe9635d4ca84f8f0e2cd146a1784f667c2%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r90c23eb8c82835fa82df85ae5e88c81fd9241e20a22971b0fb8f2c34%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r944183c871594fe9a555b8519a7c945bbcf6714d72461aa6c929028f%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r9a9e3b42cd5d1c4536a14ef04f75048dec8e2740ac6a138ea912177f%40%3cpluto-dev.portals.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r9d0d03f2e7d9e13c68b530f81d02b0fec33133edcf27330d8089fcfb%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r9d2e28e71f91ba0b6f4114c8ecd96e2b1f7e0d06bdf8eb768c183aa9%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3cusers.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r9fb3238cfc3222f2392ca6517353aadae18f76866157318ac562e706%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/ra18a903f785aed9403aea38bc6f36844a056283c00dcfc6936b6318c%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/ra54fa49be3e773d99ccc9c2a422311cf77e3ecd3b8594ee93043a6b1%40%3cdev.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/ra9611a8431cb62369bce8909d7645597e1dd45c24b448836b1e54940%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rb3c94619728c8f8c176d8e175e0a1086ca737ecdfcd5a2214bb768bc%40%3ccommits.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rbc45eb0f53fd6242af3e666c2189464f848a851d408289840cecc6e3%40%3ccommits.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rbd19de368abf0764e4383ec44d527bc9870176f488a494f09a40500d%40%3ccommon-dev.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rbdf18e39428b5c80fc35113470198b1fe53b287a76a46b0f8780b5fd%40%3cdev.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3cdev.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3cusers.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rc17d8491beee51607693019857e41e769795366b85be00aa2f4b3159%40%3cnotifications.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rc628307962ae1b8cc2d21b8e4b7dd6d7755b2dd52fa56a151a27e4fd%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rcd71280585425dad7e232f239c5709e425efdd0d3de4a92f808a4767%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3ccommits.pulsar.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rd3a9511eebab60e23f224841390a3f8cd5358cff605c5f7042171e47%40%3cdev.tinkerpop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rd6254837403e8cbfc7018baa9be29705f3f06bd007c83708f9a97679%40%3cissues.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rd7805c1bf9388968508c6c8f84588773216e560055ddcc813d19f347%40%3ccommon-issues.hadoop.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rd882ab6b642fe59cbbe94dc02bd197342058208f482e57b537940a4b%40%3cpluto-dev.portals.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rda4849c6823dd3e83c7a356eb883180811d5c28359fe46865fd151c3%40%3cusers.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rdb7ddf28807e27c7801f6e56a0dfb31092d34c61bdd4fa2de9182119%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573%40%3ccommits.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/re36da78e4f3955ba6c1c373a2ab85a4deb215ca74b85fcd66142fea1%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3cissues.activemq.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/reaf6b996f74f12b4557bc221abe88f58270ac583942fa41293c61f94%40%3cpluto-scm.portals.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rec34b1cccf907898e7cb36051ffac3ccf1ea89d0b261a2a3b3fb267f%40%3ccommits.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf1b434e11834a4449cd7addb69ed0aef0923112b5938182b363a968c%40%3cnotifications.zookeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3cdev.tika.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf53eeefb7e7e524deaacb9f8671cbf01b8a253e865fb94e7656722c0%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf77f79699c8d7e430c14cf480f12ed1297e6e8cf2ed379a425941e80%40%3cpluto-dev.portals.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf9c19bcc2f7a98a880fa3e3456c003d331812b55836b34ef648063c9%40%3cjira.kafka.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3cdev.mina.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rfdf65fa675c64a64459817344e0e6c44d51ee264beea6e5851fb60dc%40%3cissues.bookkeeper.apache.org%3e	Trust: 1.0
url:	https://access.redhat.com/security/cve/cve-2019-17571	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17571	Trust: 0.8
url:	https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3cissues.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r3543ead2317dcd3306f69ee37b07dd383dbba6e2f47ff11eb55879ad@%3cusers.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r8244fd0831db894d5e89911ded9c72196d395a90ae655414d23ed0dd@%3cusers.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882@%3cusers.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328@%3cusers.activemq.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rb3c94619728c8f8c176d8e175e0a1086ca737ecdfcd5a2214bb768bc@%3ccommits.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/re36da78e4f3955ba6c1c373a2ab85a4deb215ca74b85fcd66142fea1@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r594411f4bddebaf48a4c70266d0b7849e0d82bb72826f61b3a35bba7@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r6d34da5a0ca17ab08179a30c971446c7421af0e96f6d60867eabfc52@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rdb7ddf28807e27c7801f6e56a0dfb31092d34c61bdd4fa2de9182119@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/ra18a903f785aed9403aea38bc6f36844a056283c00dcfc6936b6318c@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf53eeefb7e7e524deaacb9f8671cbf01b8a253e865fb94e7656722c0@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r90c23eb8c82835fa82df85ae5e88c81fd9241e20a22971b0fb8f2c34@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rfdf65fa675c64a64459817344e0e6c44d51ee264beea6e5851fb60dc@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r8418a0dff1729f19cf1024937e23a2db4c0f94f2794a423f5c10e8e7@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/ra9611a8431cb62369bce8909d7645597e1dd45c24b448836b1e54940@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rcd71280585425dad7e232f239c5709e425efdd0d3de4a92f808a4767@%3cissues.bookkeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r8890b8f18f1de821595792b58b968a89692a255bc20d86d395270740@%3ccommits.druid.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rbd19de368abf0764e4383ec44d527bc9870176f488a494f09a40500d@%3ccommon-dev.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r26244f9f7d9a8a27a092eb0b2a0ca9395e88fcde8b5edaeca7ce569c@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r9fb3238cfc3222f2392ca6517353aadae18f76866157318ac562e706@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r8c6300245c0bcef095e9f07b48157e2c6471df0816db3408fcf1d748@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r6b45a2fcc8e98ac93a179183dbb7f340027bdb8e3ab393418076b153@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r8c392ca48bb7e50754e4bc05865e9731b23d568d18a520fe3d8c1f75@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r13d4b5c60ff63f3c4fab51d6ff266655be503b8a1884e2f2fab67c3a@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rd7805c1bf9388968508c6c8f84588773216e560055ddcc813d19f347@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r1b7734dfdfd938640f2f5fb6f4231a267145c71ed60cc7faa1cbac07@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r9d2e28e71f91ba0b6f4114c8ecd96e2b1f7e0d06bdf8eb768c183aa9@%3ccommon-issues.hadoop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r8d78a0fbb56d505461e29868d1026e98c402e6a568c13a6da67896a2@%3cdev.jena.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/752ec92cd1e334a639e79bfbd689a4ec2c6579ec5bb41b53ffdf358d@%3cdev.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r3bf7b982dfa0779f8a71f843d2aa6b4184a53e6be7f149ee079387fd@%3cdev.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3cdev.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3cdev.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/564f03b4e9511fcba29c68fc0299372dadbdb002718fa8edcc4325e4@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r2756fd570b6709d55a61831ca028405bcb3e312175a60bc5d911c81f@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r3c575cabc7386e646fb12cb82b0b38ae5a6ade8a800f827107824495@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r189aaeaad897f7d6b96f7c43a8ef2dfb9f6e9f8c1cc9ad182ce9b9ae@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r8a1cfd4705258c106e488091fcec85f194c82f2bbde6bd151e201870@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r696507338dd5f44efc23d98cafe30f217cf3ba78e77ed1324c7a5179@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf9c19bcc2f7a98a880fa3e3456c003d331812b55836b34ef648063c9@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r71e26f9c2d5826c6f95ad60f7d052d75e1e70b0d2dd853db6fc26d5f@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r7f462c69d5ded4c0223e014d95a3496690423c5f6f05c09e2f2a407a@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r7a1acc95373105169bd44df710c2f462cad31fb805364d2958a5ee03@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r5c084578b3e3b40bd903c9d9e525097421bcd88178e672f612102eb2@%3cjira.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rda4849c6823dd3e83c7a356eb883180811d5c28359fe46865fd151c3@%3cusers.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3cusers.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3cusers.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3cusers.kafka.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r6236b5f8646d48af8b66d5050f288304016840788e508c883356fe0e@%3clog4j-user.logging.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3cdev.mina.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r9a9e3b42cd5d1c4536a14ef04f75048dec8e2740ac6a138ea912177f@%3cpluto-dev.portals.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf77f79699c8d7e430c14cf480f12ed1297e6e8cf2ed379a425941e80@%3cpluto-dev.portals.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rd882ab6b642fe59cbbe94dc02bd197342058208f482e57b537940a4b@%3cpluto-dev.portals.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/reaf6b996f74f12b4557bc221abe88f58270ac583942fa41293c61f94@%3cpluto-scm.portals.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3ccommits.pulsar.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3cdev.tika.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rd3a9511eebab60e23f224841390a3f8cd5358cff605c5f7042171e47@%3cdev.tinkerpop.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3ccommits.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3ccommits.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3ccommits.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rec34b1cccf907898e7cb36051ffac3ccf1ea89d0b261a2a3b3fb267f@%3ccommits.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r48efc7cb5aeb4e1f67aaa06fb4b5479a5635d12f07d0b93fc2d08809@%3ccommits.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rbc45eb0f53fd6242af3e666c2189464f848a851d408289840cecc6e3@%3ccommits.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rbdf18e39428b5c80fc35113470198b1fe53b287a76a46b0f8780b5fd@%3cdev.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3cdev.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/ra54fa49be3e773d99ccc9c2a422311cf77e3ecd3b8594ee93043a6b1@%3cdev.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r05755112a8c164abc1004bb44f198b1e3d8ca3d546a8f13ebd3aa05f@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r944183c871594fe9a555b8519a7c945bbcf6714d72461aa6c929028f@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r6aec6b8f70167fa325fb98b3b5c9ce0ffaed026e697b69b85ac24628@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r356d57d6225f91fdc30f8b0a2bed229d1ece55e16e552878c5fa809a@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rc628307962ae1b8cc2d21b8e4b7dd6d7755b2dd52fa56a151a27e4fd@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rd6254837403e8cbfc7018baa9be29705f3f06bd007c83708f9a97679@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r909b8e3a36913944d3b7bafe9635d4ca84f8f0e2cd146a1784f667c2@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r9d0d03f2e7d9e13c68b530f81d02b0fec33133edcf27330d8089fcfb@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r3cf50d05ce8cec8c09392624b7bae750e7643dae60ef2438641ee015@%3cissues.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf1b434e11834a4449cd7addb69ed0aef0923112b5938182b363a968c@%3cnotifications.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rc17d8491beee51607693019857e41e769795366b85be00aa2f4b3159@%3cnotifications.zookeeper.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r4ac89cbecd9e298ae9fafb5afda6fa77ac75c78d1ac957837e066c4e@%3cuser.zookeeper.apache.org%3e	Trust: 0.7
url:	https://www.debian.org/lts/security/2020/dla-2064	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2020/suse-su-202014267-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2020/suse-su-20200053-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2020/suse-su-20200054-1.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-3/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.2010	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-for-manufacturing-2-0-is-affected-by-vulnerabilities-of-log4j-1-2-17-log4j-deserialization-remote-code-execution-cve-2019-17571/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1427/	Trust: 0.6
url:	https://packetstormsecurity.com/files/165965/red-hat-security-advisory-2022-0507-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0120.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0098/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-warehouse-has-released-a-fix-in-response-to-multiple-vulnerabilities-found-in-ibm-db2/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-db2-that-affect-the-ibm-performance-management-product/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0120/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache-commons-and-log4j-affect-ibm-spectrum-protect-backup-archive-client-and-ibm-spectrum-protect-for-virtual-environments-3/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-netcool-impact-is-affected-by-an-apache-log4j-vulnerability-cve-2019-17571/	Trust: 0.6
url:	https://packetstormsecurity.com/files/159173/ubuntu-security-notice-usn-4495-1.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-the-vanruability-net-sf-ehcache-blocking-in-fasterxml-jackson-databind-has-an-unknown-impact-found-network-performance-insight-cve-2019-17571/	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022072503	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022072128	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6519984	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0599	Trust: 0.6
url:	https://packetstormsecurity.com/files/167493/red-hat-security-advisory-2022-5053-01.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-2/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-websphere-application-server-liberty-ibm-java-runtime-log4j-and-apache-commons-affect-ibm-spectrum-protect-snapshot-for-vmware/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-log4j-affects-ibm-lks-art-agent/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-found-in-apache-log4j-v1-x-may-affect-ibm-enterprise-records/	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022021018	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022021415	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerability-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2019-17571/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-publicly-disclosed-vulnerability/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apache-log4j-1-2-code-execution-via-socket-server-deserialization-31193	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022012001	Trust: 0.6
url:	https://packetstormsecurity.com/files/165943/red-hat-security-advisory-2022-0497-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022010302	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.3154/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23302	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23305	Trust: 0.4
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-9488	Trust: 0.3
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23307	Trust: 0.3
url:	https://access.redhat.com/security/team/contact/	Trust: 0.3
url:	https://bugzilla.redhat.com/):	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2020-9488	Trust: 0.2
url:	https://access.redhat.com/site/solutions/625683)	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-23307	Trust: 0.2
url:	https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=data.services.platform&downloadtype=securitypatches&version=6.4	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4104	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-4104	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-23305	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-23302	Trust: 0.2
url:	https://access.redhat.com/documentation/en-us/red_hat_jboss_data_virtualization/6.4/html/release_notes/	Trust: 0.2
url:	https://usn.ubuntu.com/4495-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/apache-log4j1.2/1.2.17-8+deb10u1build0.18.04.1	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0507	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0497	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/apache-log4j1.2	Trust: 0.1
url:	https://access.redhat.com/security/team/key/	Trust: 0.1
url:	https://access.redhat.com/articles/11258	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5053	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5998-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/apache-log4j1.2/1.2.17-9ubuntu0.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/apache-log4j1.2/1.2.17-8+deb10u1ubuntu0.2	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://security.gentoo.org/glsa/202402-16	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-9493	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1

sources: VULHUB: VHN-149831 // JVNDB: JVNDB-2019-013606 // PACKETSTORM: 159173 // PACKETSTORM: 165965 // PACKETSTORM: 165943 // PACKETSTORM: 168829 // PACKETSTORM: 167493 // PACKETSTORM: 171759 // PACKETSTORM: 177171 // CNNVD: CNNVD-201912-950 // NVD: CVE-2019-17571

CREDITS

Ubuntu

Trust: 0.8

sources: PACKETSTORM: 159173 // PACKETSTORM: 171759 // CNNVD: CNNVD-201912-950

SOURCES

db:	VULHUB	id:	VHN-149831
db:	VULMON	id:	CVE-2019-17571
db:	JVNDB	id:	JVNDB-2019-013606
db:	PACKETSTORM	id:	159173
db:	PACKETSTORM	id:	165965
db:	PACKETSTORM	id:	165943
db:	PACKETSTORM	id:	168829
db:	PACKETSTORM	id:	167493
db:	PACKETSTORM	id:	171759
db:	PACKETSTORM	id:	177171
db:	CNNVD	id:	CNNVD-201912-950
db:	NVD	id:	CVE-2019-17571

LAST UPDATE DATE

2024-08-14T12:59:14.453000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149831	date:	2022-12-14T00:00:00
db:	VULMON	id:	CVE-2019-17571	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2019-013606	date:	2020-01-10T00:00:00
db:	CNNVD	id:	CNNVD-201912-950	date:	2023-04-07T00:00:00
db:	NVD	id:	CVE-2019-17571	date:	2023-11-07T03:06:20.543

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149831	date:	2019-12-20T00:00:00
db:	VULMON	id:	CVE-2019-17571	date:	2019-12-20T00:00:00
db:	JVNDB	id:	JVNDB-2019-013606	date:	2020-01-10T00:00:00
db:	PACKETSTORM	id:	159173	date:	2020-09-15T17:05:37
db:	PACKETSTORM	id:	165965	date:	2022-02-11T15:46:06
db:	PACKETSTORM	id:	165943	date:	2022-02-10T16:17:02
db:	PACKETSTORM	id:	168829	date:	2020-05-28T19:12:00
db:	PACKETSTORM	id:	167493	date:	2022-06-20T00:19:05
db:	PACKETSTORM	id:	171759	date:	2023-04-06T14:37:27
db:	PACKETSTORM	id:	177171	date:	2024-02-19T14:10:03
db:	CNNVD	id:	CNNVD-201912-950	date:	2019-12-19T00:00:00
db:	NVD	id:	CVE-2019-17571	date:	2019-12-20T17:15:11.893