{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2.1.0" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "1.2" }, { "fixed": "2.0" } ] }, "events": [ { "introduced": "0" }, { "fixed": "8d9204a4b4c6016fa6b36513a46502689d6a45c1" } ], "repo": "https://github.com/apache/logging-log4j2", "type": "GIT" }, { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "1.2.18.1" } ] }, "events": [ { "introduced": "0" }, { "fixed": "527f5374efd3c534b8aae7c133898019182e9f99" } ], "repo": "https://github.com/qos-ch/reload4j", "type": "GIT" } ] } ], "details": "A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.", "id": "CVE-2020-9493", "modified": "2026-04-01T23:10:24.882865801Z", "published": "2021-06-16T08:15:06.577Z", "references": [ { "type": "WEB", "url": "https://lists.apache.org/thread.html/r50d389c613ba6062a26aa57e163c09bfee4ff2d95d67331d75265b83%40%3Cannounce.apache.org%3E" }, { "type": "ADVISORY", "url": "http://www.openwall.com/lists/oss-security/2021/06/16/1" }, { "type": "ADVISORY", "url": "http://www.openwall.com/lists/oss-security/2022/01/18/5" }, { "type": "ARTICLE", "url": "https://www.openwall.com/lists/oss-security/2021/06/16/1" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }