Qos Logback vulnerabilities

4 known vulnerabilities affecting qos/logback.

Total CVEs: 4
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 2, MEDIUM 1

Vulnerabilities

CVE-2023-6481 | HIGH | CVSS 7.5 | v1.2.12, v1.3.13, +1 more | 2023-12-04
CVE-2023-6481 [HIGH]: A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
Source: nvd

CVE-2023-6378 | HIGH | CVSS 7.5 | ≥ 1.2.0, < 1.2.13; ≥ 1.3.0, < 1.3.12; +1 more | 2023-11-29
CVE-2023-6378 [HIGH] CWE-502: A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
Source: nvd

CVE-2021-42550 | MEDIUM | CVSS 6.6 | ≤ 1.2.7, v1.3.0 | 2021-12-16
CVE-2021-42550 [MEDIUM] CWE-502: In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
Source: nvd

CVE-2017-5929 | CRITICAL | CVSS 9.8 | fixed in 1.2.0 | 2017-03-13
CVE-2017-5929 [CRITICAL] CWE-502: QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
Source: nvd