pkg:maven/ch.qos.logback/logback-core
Type
maven
Namespace
ch.qos.logback
Name
logback-core
Known advisories, vulnerabilities and fixes for ch.qos.logback/logback-core package.
Critical
1
High
2
Moderate
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 1.2.9 |
CVE-2021-42550
|
MAVEN:GHSA-668Q-QRV7-99FM | Deserialization of Untrusted Data in logback | moderate |
2021-12-17T20:00:50
(2 years ago) |
|
Fixed | = 1.2.9 |
CVE-2021-42550
|
MAVEN:GHSA-668Q-QRV7-99FM | Deserialization of Untrusted Data in logback | moderate |
2021-12-17T20:00:50
(2 years ago) |
|
Affected | = 1.2.12 = 1.3.13 = 1.4.13 |
CVE-2023-6481
|
MAVEN:GHSA-GM62-RW4G-VRC4 | Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned data | high |
2023-12-04T09:30:23
(9 months ago) |
|
Fixed | = 1.2.13 = 1.3.14 = 1.4.14 |
CVE-2023-6481
|
MAVEN:GHSA-GM62-RW4G-VRC4 | Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned data | high |
2023-12-04T09:30:23
(9 months ago) |
|
Affected | < 1.2.0 |
CVE-2017-5929
|
MAVEN:GHSA-VMFG-RJJM-RJRJ | QOS.ch Logback vulnerable to Deserialization of Untrusted Data | critical |
2021-06-07T16:07:36
(3 years ago) |
|
Fixed | = 1.2.0 |
CVE-2017-5929
|
MAVEN:GHSA-VMFG-RJJM-RJRJ | QOS.ch Logback vulnerable to Deserialization of Untrusted Data | critical |
2021-06-07T16:07:36
(3 years ago) |
|
Affected | < 1.2.13 >= 1.3.0, < 1.3.12 >= 1.4.0, < 1.4.12 |
CVE-2023-6378
|
MAVEN:GHSA-VMQ6-5M68-F53M | logback serialization vulnerability | high |
2023-11-29T12:30:16
(9 months ago) |
|
Fixed | = 1.2.13 = 1.3.12 = 1.4.12 |
CVE-2023-6378
|
MAVEN:GHSA-VMQ6-5M68-F53M | logback serialization vulnerability | high |
2023-11-29T12:30:16
(9 months ago) |