Log4net - Vulncode-DB

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	2

Date	Id	Summary	Products	Score	Patch	Annotated
2020-05-11	CVE-2018-1285	Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.	Log4net, Fedora, Manageability_software_development_kit, Snapcenter, Application_testing_suite, Hospitality_opera_5, Hospitality_simphony	9.8
2006-03-09	CVE-2006-0743	Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.	Log4net	N/A