It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was
incomplete in certain non-default configurations. An attacker could use this
vulnerability to cause a denial of service.
Please see the following link for more information:
<https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 21.10 | noarch | liblog4j2-java | < 2.16.0-0.21.10.1 | UNKNOWN |
Ubuntu | 21.04 | noarch | liblog4j2-java | < 2.16.0-0.21.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | liblog4j2-java | < 2.16.0-0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | liblog4j2-java-doc | < 2.16.0-0.20.04.1 | UNKNOWN |
9.9 High
AI Score
Confidence
0.976 High
EPSS
Percentile
100.0%