What is GHSA-p6xc-xr62-6r2g?

Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion This vulnerability has been assigned a severity rating of HIGH.

How do I check if my project is affected by GHSA-p6xc-xr62-6r2g?

Use GeekWala's free vulnerability scanner to check your dependencies against GHSA-p6xc-xr62-6r2g and 200,000+ other known vulnerabilities. Upload your package.json, requirements.txt, or other dependency file to get instant results.

Loading...

GHSA-p6xc-xr62-6r2g — HIGH Severity Vulnerability

Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion CVSS base score is 3.1 (HIGH severity). The EPSS exploit prediction model gives this CVE a 71.4% probability of exploitation in the next 30 days, placing it in the 99th percentile of all tracked vulnerabilities. This vulnerability is not currently on the CISA Known Exploited Vulnerabilities catalog. Affects 7 packages across the dependency graph; review the affected version ranges below and upgrade to a fixed release where available.

Home
Vulnerabilities
GHSA-p6xc-xr62-6r2g

org.apache.logging.log4j:log4j-core (maven) security
Maven dependency scanner
org.apache.logging.log4j:log4j-core (maven) security
org.ops4j.pax.logging:pax-logging-log4j2 (maven) security
org.ops4j.pax.logging:pax-logging-log4j2 (maven) security
org.ops4j.pax.logging:pax-logging-log4j2 (maven) security
org.ops4j.pax.logging:pax-logging-log4j2 (maven) security
org.apache.logging.log4j:log4j-core (maven) security
Run a free scan
Understanding CVEs and EPSS