cbcvebase.
CVE-2017-5929
published 2017-03-13

CVE-2017-5929: QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.

Affected

8 ranges
VendorProductVersion rangeFixed in
debianlogback< logback 1:1.1.9-3 (bookworm)logback 1:1.1.9-3 (bookworm)
qoslogback< 1.2.01.2.0
qoslogback>= 0 < 1:1.1.9-31:1.1.9-3
qoslogback>= 0 < 1:1.1.9-31:1.1.9-3
qoslogback>= 0 < 1:1.1.9-31:1.1.9-3
qoslogback>= 0 < 1:1.1.9-31:1.1.9-3
redhatsatellite
redhatsatellite_capsule

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL