Skip to main content

Log4Cxx

3 CVEs product

Monthly

CVE-2025-54813 MEDIUM PATCH This Month

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Apache Log4Cxx Red Hat Suse
NVD GitHub
CVSS 4.0
6.3
EPSS
0.2%
CVE-2025-54812 LOW PATCH Monitor

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, no authentication required.

Apache XSS Log4Cxx
NVD GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2023-31038 HIGH POC This Week

SQL injection in Log4cxx when using the ODBC appender to send log messages to a database. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Log4Cxx
NVD
CVSS 3.1
8.8
EPSS
1.6%
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Apache Log4Cxx +2
NVD GitHub
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, no authentication required.

Apache XSS Log4Cxx
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

SQL injection in Log4cxx when using the ODBC appender to send log messages to a database. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Log4Cxx
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy