Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 2.0% on repo1.maven.org
Top 0.1% dependent packages on repo1.maven.org
Top 0.1% dependent repos on repo1.maven.org
Top 4.0% forks on repo1.maven.org
Top 0.1% docker downloads on repo1.maven.org

repo1.maven.org : org.apache.logging.log4j:log4j-core

The Apache Log4j Implementation

Registry - Source - Homepage - Documentation - JSON
purl: pkg:maven/org.apache.logging.log4j/log4j-core
Keywords: apache, api, java, jvm, library, log4j, log4j2, logger, logging, syslog
License: Apache-2.0
Latest release: 3 months ago
First release: almost 12 years ago
Namespace: org.apache.logging.log4j
Dependent packages: 8,839
Dependent repositories: 82,953
Stars: 3,100 on GitHub
Forks: 1,526 on GitHub
Docker dependents: 8,739
Docker downloads: 5,235,722,574
See more repository details: repos.ecosyste.ms
Last synced: 1 day ago

High

GSA_kwCzR0hTQS12cDk4LXcycDMtbXYzNc4AAyBx

Apache Log4j 1.x (EOL) allows Denial of Service (DoS)
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: github
Published: about 1 year ago

Moderate

GSA_kwCzR0hTQS04NDg5LTQ0bXYtZ2dqOM0fsA

Improper Input Validation and Injection in Apache Log4j2
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: github
Published: over 2 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ3cXEtNXZyYy14dzlo

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Source: github
Published: almost 4 years ago

Critical

GSA_kwCzR0hTQS03cmpyLTNxNTUtdnYzM80bQA

Incomplete fix for Apache Log4j vulnerability
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: github
Published: over 2 years ago

Critical

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4cGgtcTNqOC1tdjg3

Deserialization of Untrusted Data in Log4j
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Source: github
Published: over 4 years ago

High

GSA_kwCzR0hTQS1wNnhjLXhyNjItNnIyZ80dEw

Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: github
Published: over 2 years ago

Critical

GSA_kwCzR0hTQS1qZmg4LWMyanAtNXYzcc0asw

Remote code injection in Log4j
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, uk.co.nichesolutions.logging.log4j:log4j-core, org.xbib.elasticsearch:log4j, com.guicedee.services:log4j-core
Source: github
Published: over 2 years ago