Known vulnerabilities in Apache Foundation Apache Log4j 2.16.0

Vendor: Apache Foundation
Website: https://www.apache.org
Total Security Bulletins: 7

Security bulletins (7)

Secuity bulletin Severity Status Published
SB20260428217: Multiple vulnerabilities in Apache Log4j Medium
Patched
28.04.2026
SB2026042265: Improper validation of certificate with host mismatch in Oracle Communications Performance Intelligence Center Medium
Patched
22.04.2026
SB2025122245: Missing TLS hostname verification in Apache Log4j Medium
Patched
22.12.2025
SB2022042527: Multiple vulnerabilities in Oracle Retail Financial Integration Medium
Patched
25.04.2022
SB20220422113: Multiple vulnerabilities in Hyperion Data Relationship Management Medium
Patched
22.04.2022
SB2021122816: Remote code execution via JDBC Appender in Apache Log4j Medium
Patched
28.12.2021
SB2021121802: Infinite recursion in Apache Log4j Medium
Patched
18.12.2021