Maven (Java)

org.xbib.elasticsearch:log4j

org.xbib.elasticsearch:log4j has 1 known security vulnerability in Maven (Java). Review the table below for affected and fixed versions. Data sourced from OSV, enriched with EPSS exploit probability and CISA KEV.

1 Vulnerability

Is org.xbib.elasticsearch:log4j in your project?

Check if you're affected by these 1 vulnerability.

Scan Now Create Free Account to Monitor

Total

Critical

High

Medium

Low

Active Exploitation Warning

One or more vulnerabilities in this package are known to be actively exploited in the wild. Immediate action is recommended.

Vulnerabilities

1 unique vulnerability — sorted by severity. Click a CVE/GHSA ID for full details.

CVE / GHSA	Severity	CVSS	Summary	Affected	Fixed In
GHSA-jfh8-c2jp-5v3q Remote code injection in Log4j	CRITICAL	3.1	Remote code injection in Log4j	6.3.2.1	No fix available

About This Data

Vulnerability data for org.xbib.elasticsearch:log4j is sourced from the Open Source Vulnerability (OSV) database, aggregating reports from GitHub Advisory Database, NIST NVD, and ecosystem-specific sources.

CVSS (Common Vulnerability Scoring System) scores reflect exploitability and impact. EPSS (Exploit Prediction Scoring System) scores indicate the probability of exploitation within the next 30 days. Vulnerabilities marked with are listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

Check Your Dependencies

Scan your project to check if you're using a vulnerable version of org.xbib.elasticsearch:log4j.

Scan Now - It's Free Create Free Account

Data from OSV DatabaseUpdated daily200K+ vulnerabilities indexed