risk 80/100 · critical exploited in the wild

Maven · org.ops4j.pax.logging:pax-logging-log4j2

2 known advisories.

Risk score: 80/100

Transparent, additive — every input shown:

Worst severity: +40
Worst CVSS: +0
Exploited in the wild: +25
Exploit probability (EPSS): +15

Advisories

CVE-2021-45046 — critical · exploited
CVE-2021-44228 — critical · exploited

Stateward checks every dependency on every pull request and flags org.ops4j.pax.logging:pax-logging-log4j2 only if your code actually reaches the vulnerable path.

Scan my repo

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.