Vulnerabilities > QOS > Logback

DATE CVE VULNERABILITY TITLE RISK
2023-12-04 CVE-2023-6481 Unspecified vulnerability in QOS Logback 1.2.12/1.3.13/1.4.13
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
network
low complexity
qos
7.5
7.5
2023-11-29 CVE-2023-6378 Deserialization of Untrusted Data vulnerability in QOS Logback
A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
network
low complexity
qos CWE-502
7.5
7.5
2021-12-16 CVE-2021-42550 Deserialization of Untrusted Data vulnerability in multiple products
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
network
high complexity
qos redhat netapp siemens CWE-502
6.6
6.6
2017-03-13 CVE-2017-5929 Deserialization of Untrusted Data vulnerability in multiple products
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
network
low complexity
qos redhat CWE-502
critical
 9.8
9.8