Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apache Log4j: Malicious Data Injection via Log Messages
Summary
Apache Log4j is a popular logging library for Java applications. If used incorrectly, it can allow attackers to inject malicious data into log messages, potentially leading to data breaches or system compromise. To fix this, update to the latest version of Apache Log4j.
What to do
- Update chainguard chromium to version 147.0.7727.101-r0.
- Update wolfi chromium to version 147.0.7727.101-r0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Chainguard | chainguard | chromium |
< 147.0.7727.101-r0 Fix: upgrade to 147.0.7727.101-r0
|
| Wolfi | wolfi | chromium |
< 147.0.7727.101-r0 Fix: upgrade to 147.0.7727.101-r0
|
Original title
CGA-vfxv-qmj6-j994
Published: 17 Apr 2026 · Updated: 17 Apr 2026 · First seen: 17 Apr 2026