8.0.29

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-14	CVE-2021-4104	Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. network high complexity apache fedoraproject redhat oracle CWE-502	7.5
2021-10-26	CVE-2021-41182	jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp debian drupal oracle tenable	6.1
2021-10-26	CVE-2021-41183	jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp debian drupal oracle tenable	6.1
2020-11-24	CVE-2020-26237	Highlight.js is a syntax highlighter written in JavaScript. network low complexity highlightjs debian oracle	8.7
2019-12-20	CVE-2019-17571	Deserialization of Untrusted Data vulnerability in multiple products Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. network low complexity apache debian canonical opensuse netapp oracle CWE-502 critical	9.8