vulnerability

Red Hat: CVE-2022-23307: CVE-2022-23307 log4j: Unsafe deserialization flaw in Chainsaw log viewer (Multiple Advisories)

Name: Red Hat: CVE-2022-23307: CVE-2022-23307 log4j: Unsafe deserialization flaw in Chainsaw log viewer (Multiple Advisories)
Creator: Red Hat
Published: 2022-01-18T00:00:00.000Z

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Jan 18, 2022

Added

Jan 27, 2022

Modified

Jun 17, 2026

Description

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.

Solutions

redhat-upgrade-log4jredhat-upgrade-log4j-debuginforedhat-upgrade-log4j-javadocredhat-upgrade-log4j-manualredhat-upgrade-parfaitredhat-upgrade-parfait-examplesredhat-upgrade-parfait-javadocredhat-upgrade-pcp-parfait-agentredhat-upgrade-si-unitsredhat-upgrade-si-units-javadocredhat-upgrade-unit-apiredhat-upgrade-unit-api-javadocredhat-upgrade-uom-libredhat-upgrade-uom-lib-javadocredhat-upgrade-uom-parentredhat-upgrade-uom-seredhat-upgrade-uom-se-javadocredhat-upgrade-uom-systemsredhat-upgrade-uom-systems-javadoc

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report