qos

logback

3 known vulnerabilities · sorted by CVSS score

CVE-2023-6378

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

qos / logback+2

Local

Published Nov 29, 2023

CVE-2023-6481

HIGH7.1

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

qos / logback+2

Local

Published Dec 4, 2023

CVE-2021-42550

MEDIUM6.6

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

qos / logback+16

Network

Published Dec 16, 2021