Communications messaging server

This hub aggregates every CVE we track for Communications messaging server, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Communications messaging server.

• CVE-2022-23307A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.8.8Jan 18, 2022
• CVE-2022-23305SQL injection in JDBC Appender in Apache Log4j V19.8Jan 18, 2022
• CVE-2022-23302Deserialization of untrusted data in JMSSink in Apache Log4j 1.x8.8Jan 18, 2022
• CVE-2021-45105Apache Log4j2 does not always protect from infinite recursion in lookup evaluation5.9Dec 18, 2021
• CVE-2021-4104Deserialization of untrusted data in JMSAppender in Apache Log4j 1.27.5Dec 14, 2021
• CVE-2021-40690Bypass of the secureValidation property7.5Sep 19, 2021
• CVE-2021-37714Crafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions7.5Aug 18, 2021
• CVE-2021-36090Apache Commons Compress 1.0 to 1.20 denial of service vulnerability7.5Jul 13, 2021
• CVE-2021-35517Apache Commons Compress 1.1 to 1.20 denial of service vulnerability7.5Jul 13, 2021
• CVE-2021-35516Apache Commons Compress 1.6 to 1.20 denial of service vulnerability7.5Jul 13, 2021
• CVE-2021-35515Apache Commons Compress 1.6 to 1.20 denial of service vulnerability7.5Jul 13, 2021
• CVE-2021-30468Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter7.5Jun 16, 2021
• CVE-2021-33813An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.7.5Jun 16, 2021
• CVE-2021-31812A carefully crafted PDF file can trigger an infinite loop while loading the file5.5Jun 12, 2021
• CVE-2021-31811A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading a tiny file5.5Jun 12, 2021