- CVE ID
- CVE-2022-23307
- CVE Description
- CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
- Published
- Jan 20, 2022
- CVSS Score & Severity
8.8High
- CVSS Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- EPSS Score
- 2.603%
- KEV Status
Not in KEV Catalog: No known exploits
- Vulnerable Methods
org/apache/log4j/chainsaw/LoggingReceiver.run()VJVM
- Source
- National Vulnerability Database
