📦

logback

Vendor: qos

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 3 Remote Access

Total CVEs 20 Total Indexed

Avg. EPSS 3.43% Exploit Prob.

Latest CVE CVE-2023-6481 Dec 04

Security Vulnerability Index

Page 1 / 2

7.1 CVSS

CVE-2023-6481

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

EPSS: 0.22%

Severity: HIGH

Dec 04, 2023

7.1 CVSS

CVE-2023-6378

RCE

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

EPSS: 0.63%

Severity: HIGH

Nov 29, 2023

6.6 CVSS

CVE-2021-42550

RCE

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

EPSS: 2.73%

Severity: MEDIUM

Dec 16, 2021

9.8 CVSS

CVE-2017-5929

RCE Exploit Found

QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.

EPSS: 10.14%

Severity: CRITICAL

Mar 13, 2017

Displaying 4 of 20 Total Entries

1 2

Total 2 Sections