Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

org.apache.logging.log4j:log4j-core

Ecosystem:
maven
Package URL:
pkg:maven/org.apache.logging.log4j:log4j-core
Total PRs:
757 Dependabot PRs
Latest PR:
1 day ago
Unique Repositories:
327 repositories
Unique Repos (30 days):
24 repositories
Security Advisories
Apache Log4j 1.x (EOL) allows Denial of Service (DoS)
GHSA-vp98-w2p3-mv35 CVE-2023-26464 HIGH published over 2 years ago • updated 4 months ago
** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages ...
Incomplete fix for Apache Log4j vulnerability
GHSA-7rjr-3q55-vv33 CVE-2021-45046 CRITICAL published almost 4 years ago • updated 4 months ago
# Impact The fix to address [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) in Apache Log4j 2.15.0 was incomplete in certain non...
Deserialization of Untrusted Data in Log4j
GHSA-fxph-q3j8-mv87 CVE-2017-5645 CRITICAL published almost 6 years ago • updated 3 months ago
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, ...
Improper Input Validation and Injection in Apache Log4j2
GHSA-8489-44mv-ggj8 CVE-2021-44832 MODERATE published almost 4 years ago • updated 3 months ago
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to an attack where an attacker wi...
Remote code injection in Log4j
GHSA-jfh8-c2jp-5v3q CVE-2021-44228 CRITICAL published almost 4 years ago • updated 3 months ago
# Summary Log4j versions prior to 2.16.0 are subject to a remote code execution vulnerability via the ldap JNDI parser. As per [Apache's Log4j sec...
View all 7 advisories
Recent PRs
RSS Feed
Bump the azure-dependencies group across 1 directory with 32 updates

danielscholl-osdu/search #19

2.21.1 → 2.25.2 Minor PR
Open 1 day ago 3 comments
danielscholl-osdu
Bump the core-dependencies group in /search-core with 40 updates

danielscholl-osdu/search #11

2.21.1 → 2.25.2 Minor PR
Open 4 days ago 1 comment
danielscholl-osdu
Bump the logging group with 5 updates

danielscholl-osdu/indexer-queue #5

2.24.3 → 2.25.2 Minor PR
Open 4 days ago 4 comments
danielscholl-osdu
chore(deps): bump the maven-dependencies group with 14 updates

fast-ish/aws-webapp-infra #94

2.25.1 → 2.25.2 Patch PR
Closed 4 days ago 2 comments
fast-ish
Bump the maven-dependencies group across 1 directory with 33 updates

abbierwolf/AxonFramework #114

2.24.3 → 2.25.2 Minor PR
Open 8 days ago 1 comment
abbierwolf
gradle: bump the dependency-group group across 1 directory with 13 updates

navikt/sosialhjelp-avtaler-api #347

2.25.0 → 2.25.2 Patch PR
Closed 18 days ago 1 comment
navikt
[12.1.x EE11] Bump the dev-dependencies group across 1 directory with 48 updates

jetty/jetty.project #13783

2.25.0 → 2.25.2 Patch PR
Closed 19 days ago 1 comment
jetty
gradle: bump the dependency-group group with 11 updates

navikt/sosialhjelp-avtaler-api #346

2.25.0 → 2.25.2 Patch PR
Closed 19 days ago 2 comments
navikt
[12.0.x EE10] Bump the dev-dependencies group across 1 directory with 37 updates

jetty/jetty.project #13765

2.25.0 → 2.25.2 Patch PR
Closed 20 days ago 1 comment
jetty
gradle: bump the patch group with 10 updates

navikt/sosialhjelp-avtaler-api #344

2.25.0 → 2.25.2 Patch PR
Closed 20 days ago 1 comment
navikt
Bump the build-dependencies group across 1 directory with 55 updates

kchobantonov/hibernate-search #265

2.24.3 → 2.25.2 Minor PR
Closed 20 days ago 2 comments
kchobantonov
Bump the upstream-libs group across 1 directory with 11 updates

usethesource/rascal-language-servers #819

2.25.1 → 2.25.2 Patch PR
Merged 26 days ago 1 comment
usethesource
build(deps): bump the gradle-production-dependencies group across 2 directories with 14 updates

AcheampongStephen/OpenTelemetry #41

2.25.1 → 2.25.2 Patch PR
Open 26 days ago
AcheampongStephen
Bump the build-dependencies group across 1 directory with 54 updates

kchobantonov/hibernate-search #263

2.24.3 → 2.25.2 Minor PR
Open 27 days ago 1 comment
kchobantonov
build(deps): bump the gradle-production-dependencies group across 2 directories with 9 updates

AcheampongStephen/OpenTelemetry #38

2.25.1 → 2.25.2 Patch PR
Open 27 days ago
AcheampongStephen
Bump the gradle-all group across 1 directory with 39 updates

ambarishvrao/opensearch-migrations-public #9

2.25.1 → 2.25.2 Patch PR
Closed 28 days ago 1 comment
ambarishvrao
[4.1] Bump org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

hibernate/hibernate-reactive #2601

2.25.1 → 2.25.2 Patch PR
Merged 28 days ago
hibernate
[2.4] Bump org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

hibernate/hibernate-reactive #2592

2.25.1 → 2.25.2 Patch PR
Merged 28 days ago
hibernate
Bump org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

DavideD/hibernate-reactive #134

2.25.1 → 2.25.2 Patch PR
Open 28 days ago
DavideD
Bump the patches group across 1 directory with 9 updates

National-Digital-Twin/fuseki-yaml-config #21

2.24.3 → 2.25.2 Minor PR
Open 28 days ago
National-Digital-Twin
build(deps): bump the dependencies group across 1 directory with 109 updates

froque/jooby #127

2.24.3 → 2.25.2 Minor PR
Open 28 days ago
froque
deps(deps): bump the maven-dependencies group with 61 updates

QRun-IO/qqq #250

2.23.0 → 2.25.2 Minor PR
Closed 28 days ago 1 comment
QRun-IO
chore(deps): bump the patches group across 1 directory with 20 updates

National-Digital-Twin/rdf-abac #26

2.24.3 → 2.25.2 Minor PR
Open 28 days ago 1 comment
National-Digital-Twin
Bump the dependencies group across 1 directory with 15 updates

skodjob/data-generator #76

2.25.1 → 2.25.2 Patch PR
Merged 28 days ago
skodjob
Bump the general-dependencies group across 1 directory with 6 updates

streamshub/flink-sql #117

2.25.1 → 2.25.2 Patch PR
Open 28 days ago
streamshub
Bump the dependencies group across 1 directory with 15 updates

scalar-labs/scalardl #282

2.25.1 → 2.25.2 Patch PR
Merged 28 days ago 3 comments
scalar-labs
Bump org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

NASA-PDS/registry-common #178

2.25.1 → 2.25.2 Patch PR
Merged 28 days ago 1 comment
NASA-PDS
Bump the patches group across 1 directory with 10 updates

telicent-oss/fuseki-yaml-config #58

2.25.1 → 2.25.2 Patch PR
Open 29 days ago
telicent-oss
Bump the maven-dependencies group across 1 directory with 18 updates

AxonIQ/axonserver-connector-java #444

2.24.3 → 2.25.2 Minor PR
Merged 29 days ago 1 comment
AxonIQ
Bump org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

mtarek6/first-test-automation-framework #5

2.25.1 → 2.25.2 Patch PR
Merged about 1 month ago
mtarek6
chore(deps-dev): bump org.apache.logging.log4j:log4j-core from 2.25.0 to 2.25.2

sventorben/keycloak-home-idp-discovery #586

2.25.0 → 2.25.2 Patch PR
Merged about 1 month ago
sventorben
build(deps): bump the gradle group with 59 updates

ricekot/zap-extensions #6

2.24.2 → 2.25.2 Minor PR
Open about 1 month ago
ricekot
build(deps): bump the gradle-production-dependencies group across 2 directories with 8 updates

AcheampongStephen/OpenTelemetry #35

2.25.1 → 2.25.2 Patch PR
Closed about 1 month ago 1 comment
AcheampongStephen
build(deps): bump the gradle group across 1 directory with 59 updates

ricekot/zap-extensions #5

2.24.2 → 2.25.2 Minor PR
Closed about 1 month ago 1 comment
ricekot
Bump the upstream-libs group with 5 updates

SWAT-engineering/java-watch #73

2.25.1 → 2.25.2 Patch PR
Open about 1 month ago 9 comments
SWAT-engineering
build(deps): bump org.apache.logging.log4j:log4j-core from 2.24.1 to 2.25.2

Netcracker/qubership-inventory-tool-cli #142

2.24.1 → 2.25.2 Minor PR
Open about 1 month ago
Netcracker
Bump the upstream-libs group in /rascal-lsp with 9 updates

usethesource/rascal-language-servers #808

2.25.1 → 2.25.2 Patch PR
Closed about 1 month ago 4 comments
usethesource
Bump org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2 in the maven-dev-deps group

jruby/jruby-rack #335

2.25.1 → 2.25.2 Patch PR
Open about 1 month ago
jruby
chore(deps): bump the java-dependencies group in /cloud-run-functions/java with 4 updates

DataDog/serverless-gcp-sample-apps #74

2.25.1 → 2.25.2 Patch PR
Open about 1 month ago
DataDog
Bump org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

BernhardAngerer/simple-speedtest-client #51

2.25.1 → 2.25.2 Patch PR
Merged about 1 month ago
BernhardAngerer
Bump the gradle-all group across 1 directory with 29 updates

ambarishvrao/opensearch-migrations-public #6

2.25.1 → 2.25.2 Patch PR
Closed about 1 month ago 1 comment
ambarishvrao
Bump the maven-patch-group group across 1 directory with 16 updates

rvesse/jena #188

2.25.0 → 2.25.2 Patch PR
Closed about 1 month ago 1 comment
rvesse
Bump the patches group with 11 updates

National-Digital-Twin/fuseki-yaml-config #20

2.24.3 → 2.25.2 Minor PR
Open about 1 month ago 2 comments
National-Digital-Twin
build(deps): bump the dependencies group across 1 directory with 106 updates

froque/jooby #125

2.24.3 → 2.25.2 Minor PR
Open about 1 month ago 1 comment
froque
fix(deps): bump the prod-deps group across 1 directory with 8 updates

folio-org/applications-poc-tools #268

2.25.1 → 2.25.2 Patch PR
Merged about 1 month ago 3 comments
folio-org
deps(deps): bump the maven-dependencies group across 1 directory with 65 updates

Kingsrook/qqq #231

2.23.0 → 2.25.2 Minor PR
Closed about 1 month ago 1 comment
Kingsrook
build(deps): bump the gradle-dependencies group across 1 directory with 17 updates

AllayMC/Allay #723

2.25.1 → 2.25.2 Patch PR
Open about 1 month ago
AllayMC
chore(deps): bump org.apache.logging.log4j:log4j-core from 2.24.3 to 2.25.2

Andy-vienna/facturaX #33

2.24.3 → 2.25.2 Minor PR
Closed about 1 month ago
Andy-vienna
build(deps): bump the gradle-dependencies group across 1 directory with 16 updates

AllayMC/Allay #722

2.25.1 → 2.25.2 Patch PR
Open about 1 month ago 3 comments
AllayMC
Bump the dependencies group with 4 updates

skodjob/test-frame #340

2.25.1 → 2.25.2 Patch PR
Merged about 1 month ago 1 comment
skodjob
Package Details
Name: org.apache.logging.log4j:log4j-core
Ecosystem: maven
PURL Type: maven
Package URL: pkg:maven/org.apache.logging.log4j:log4j-core
JSON API: View JSON
Security Advisories

7

Active advisories
CRITICAL 3
HIGH 2
MODERATE 1
LOW 1
View All maven Advisories
Package Information
Description:

The Apache Log4j Implementation

Repository: https://github.com/apache/logging-log4j2
Homepage: https://logging.apache.org/log4j/3.x/
Latest Release: 2.24.3
11 months ago
Dependent Repos: 82,953
Dependent Packages: 8,839
Ranking: Top 0.0126% by dependent repos Top 0.0068% by dependent pkgs
PR Status
Open 379 (50.1%)
Merged 214 (28.3%)
Closed 158 (20.9%)
PR Types
Minor 420 (55.5%)
Major 1 (0.1%)
Patch 311 (41.1%)