A serialization vulnerability in logback receiver component part of
logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service
attack by sending poisoned data.
References
Link | Resource |
---|---|
https://logback.qos.ch/news.html#1.3.12 | Release Notes |
https://logback.qos.ch/news.html#1.3.14 | Release Notes |
Configurations
Configuration 1 (hide)
|
History
07 Dec 2023, 19:57
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:a:qos:logback:1.4.13:*:*:*:*:*:*:* cpe:2.3:a:qos:logback:1.3.13:*:*:*:*:*:*:* cpe:2.3:a:qos:logback:1.2.12:*:*:*:*:*:*:* |
|
References | () https://logback.qos.ch/news.html#1.3.12 - Release Notes | |
References | () https://logback.qos.ch/news.html#1.3.14 - Release Notes | |
CWE | NVD-CWE-noinfo | |
First Time |
Qos
Qos logback |
04 Dec 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-04 09:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-6481
Mitre link : CVE-2023-6481
CVE.ORG link : CVE-2023-6481
JSON object : View
Products Affected
qos
- logback
CWE