org.ops4j.pax.logging:pax-logging-log4j2 (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.ops4j.pax.logging:pax-logging-log4j2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2021-44832 — CVSS 6.6 (medium): Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code…
CVE-2021-45105 — CVSS 5.9 (medium): Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from…