CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh | Mailing List Vendor Advisory |
https://logging.apache.org/log4j/1.2/index.html | Vendor Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2022-01-18T15:25:23
Updated: 2022-07-25T16:49:30
Reserved: 2022-01-17T00:00:00
Link: CVE-2022-23307
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-01-18T16:15:08.403
Modified: 2023-02-24T15:29:49.257
Link: CVE-2022-23307
JSON object: View
Redhat Information
No data.
CWE