A serialization vulnerability in logback receiver component part of logback versions prior to 1.2.13, 1.3.x prior to 1.3.12, and 1.4.x prior to 1.4.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
HIGH Vulnerable Package issue exists @ ch.qos.logback:logback-core in branch master
Description
A serialization vulnerability in logback receiver component part of logback versions prior to 1.2.13, 1.3.x prior to 1.3.12, and 1.4.x prior to 1.4.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
HIGH Vulnerable Package issue exists @ ch.qos.logback:logback-core in branch master
Vulnerability ID: CVE-2023-6378
Package Name: ch.qos.logback:logback-core
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2023-11-29T12:15:00
Current Package Version: 1.2.7
Remediation Upgrade Recommendation: 1.2.13
Link To SCA
Reference – NVD link