CVE-2021-45046 — Apache Log4j DoS/RCE

Overview

Critical

Low

Medium

No items found.

Package: org.apache.logging.log4j:log4j-core

Impact: DoS and potential RCE in certain configurations

Fix: Update to Log4j v2.16.0+

Year: 2021

CVSS:

Severity:

* log4j-core/src/main/java/org/apache/logging/log4j/core/pattern/MessagePatternConverter.java

* public static MessagePatternConverter newInstance(final Configuration config, final String[] options)