Quickfire Cyber Bulletin June 5, 2026
← Back

CVE-2022-23307

Low

Description

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.

Scores & Signals

CVSS 3.1 8.8 — HIGH
EPSS score 0.0267 (86.0th percentile)
CISA KEV No
Affected Apache Chainsaw
Published 2022-01-18

Sources

External references

Risk scores are deterministic, based on public signals only. They are informational context, not a final verdict. Always consult vendor advisories before taking action.