Redhat : Security Vulnerabilities, CVEs, Published In April 2017 (Code Execution)
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
Max CVSS
9.8
EPSS Score
81.95%
Published
2017-04-17
Updated
2022-04-04
CVE-2017-5030
Known exploited
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Max CVSS
8.8
EPSS Score
56.57%
Published
2017-04-24
Updated
2022-04-22
CISA KEV Added
2022-06-08
2 vulnerabilities found