ROOT-APP-MAVEN-CVE-2026-34479

Source
https://root.io/security/ROOT-APP-MAVEN-CVE-2026-34479
Import Source
https://api.root.io/external/osv/ROOT-APP-MAVEN-CVE-2026-34479.json
JSON Data
https://api.osv.dev/v1/vulns/ROOT-APP-MAVEN-CVE-2026-34479
Upstream
  • CVE-2026-34479
Published
2026-06-21T08:03:21Z
Modified
2026-06-21T13:00:11.891756097Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
CVE-2026-34479 in io.root.org.apache.logging.log4j:log4j-1.2-api - Patched by Root
Details

Root has patched CVE-2026-34479 in the io.root.org.apache.logging.log4j:log4j-1.2-api package for Root:Maven. Multiple fixed versions available.

Database specific
{
    "distro": "maven",
    "source": "Root",
    "distro_version": "",
    "severity": "HIGH"
}
References

Affected packages

Root:Maven / io.root.org.apache.logging.log4j:log4j-1.2-api

Package

Name
io.root.org.apache.logging.log4j:log4j-1.2-api

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.19.0-root.io.8
Fixed
2.23.1-root.io.1
Fixed
2.21.1-root.io.1
Fixed
2.19.0-root.io.9
Fixed
2.23.1-root.io.2
Fixed
2.21.1-root.io.4
Fixed
2.23.1-root.io.1781450701
Fixed
2.21.1-root.io.5

Database specific

root_patch_version
"root.io.5"
upstream_version
"2.21.1"
source
"https://api.root.io/external/osv/ROOT-APP-MAVEN-CVE-2026-34479.json"
total_fixed_versions
8.0
root_patched
true
all_fixed_versions
[
    "2.19.0-root.io.8",
    "2.23.1-root.io.1",
    "2.21.1-root.io.1",
    "2.19.0-root.io.9",
    "2.23.1-root.io.2",
    "2.21.1-root.io.4",
    "2.23.1-root.io.1781450701",
    "2.21.1-root.io.5"
]

Root:Maven / org.apache.logging.log4j:log4j-1.2-api

Package

Name
org.apache.logging.log4j:log4j-1.2-api

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.19.0-aikido.9
Fixed
2.23.1-aikido.2
Fixed
2.21.1-aikido.5

Database specific

root_patch_version
""
total_fixed_versions
3.0
source
"https://api.root.io/external/osv/ROOT-APP-MAVEN-CVE-2026-34479.json"
upstream_version
"2.21.1-aikido.5"
root_patched
true
all_fixed_versions
[
    "2.19.0-aikido.9",
    "2.23.1-aikido.2",
    "2.21.1-aikido.5"
]