HIGH 7.1 Maven
Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned data
GHSA-gm62-rw4g-vrc4 · CVE-2023-6481
Published · Modified
Description
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-6481
- WEB https://github.com/qos-ch/logback/commit/7018a3609c7bcc9dc7bf5903509901a986e5f578
- WEB https://github.com/qos-ch/logback/commit/c612b2fa3caf6eef3c75f1cd5859438451d0fd6f
- PACKAGE https://github.com/qos-ch/logback
- WEB https://logback.qos.ch/news.html#1.3.12
- WEB https://logback.qos.ch/news.html#1.3.14
Ready to move
Start Securing
Free, no credit card | First findings in minutes