Lucene search
K

11 matches found

OSV
OSV
added 2026/04/01 9:25 a.m.4 views

CLEANSTART-2026-TX96881 Security fixes for CVE-2024-6763, CVE-2026-1225, ghsa-25qh-j22f-pwp8, ghsa-72hv-8253-57qq, ghsa-qh8g-58pp-2wxh, ghsa-qqpg-mvqg-649v applied in versions: 4.0.1-r2

Multiple security vulnerabilities affect the cassandra-reaper-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

5.3CVSS6.7AI score0.00986EPSS
Exploits1References9
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 12:57 a.m.6 views

Security Bulletin: IBM Storage Protect Server is affected by a vulnerability in the logback-core library that could allow denial-of-service through specially crafted inputs (CVE-2026-1225).

Summary IBM Storage Protect Server uses the logback-core library in certain components; the library is affected by an input handling flaw that could allow specially crafted inputs to trigger a denial-of-service condition. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in...

1.8CVSS5.8AI score0.00159EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/27 3:43 p.m.5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Improper Input Validation in QOS.CH logback-core [CVE-2026-1225]

Summary IBM Watson Speech Services Cartridge is vulnerable to Improper Input Validation in logback-core, caused by an ACE vulnerability in configuration file processing that allows an attacker to instantiate classes already present on the class path by compromising an existing logback configurati...

1.8CVSS5.9AI score0.00159EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:14 p.m.8 views

Security Bulletin: Vulnerabilities in logback-core-1.5.16.jar, logback-core-1.5.19.jar, logback-core-1.5.22.jar affecting MongoDB Enterprised Advanced (CVE-2026-1225)

Summary There are vulnerabilities in logback-core-1.5.16.jar, logback-core-1.5.19.jar, logback-core-1.5.22.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-1225. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability i...

1.8CVSS5.5AI score0.00159EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.4 views

openSUSE 15 Security Update : logback (SUSE-SU-2026:0361-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0361-1 advisory. - CVE-2026-1225: ACE vulnerability in configuration file bsc1257094 Tenable has extracted the preceding description block directly from the SUSE security...

1.8CVSS5.3AI score0.00159EPSS
Exploits0References4
Wolfi
Wolfi
added 2026/01/26 1:54 p.m.7 views

CVE-2026-1225 vulnerabilities

Vulnerabilities for packages: cassandra-reaper, nextflow, sonar-scanner-cli, sonarqube, akhq, kserve-modelmesh, keycloak-config-cli, apache-nifi-registry, cassandra, zookeeper, trino, dependency-track, apache-nifi, management-api-for-apache-cassandra-5.0...

1.8CVSS6.4AI score0.00159EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/26 1:17 p.m.9 views

CVE-2026-1225 vulnerabilities

Vulnerabilities for packages: apache-nifi-registry, localstack, kserve-modelmesh, kafbat-ui-fips, knative-kafka-broker-fips, trino, dependency-track-apiserver, apache-nifi, akhq, nacos-docker, management-api-for-apache-cassandra-5.0, management-api-for-apache-cassandra-4.1, keycloak-config-cli,...

1.8CVSS6.4AI score0.00159EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/01/23 12:25 a.m.4 views

SUSE CVE-2026-1225

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

6.4CVSS5.6AI score0.00159EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/22 9:24 a.m.30 views

CVE-2026-1225 Malicious logback.xml configuration file allows instantiation of arbitrary classes

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

1.8CVSS0.00159EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/01/22 9:24 a.m.5 views

CVE-2026-1225

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

1.8CVSS4.5AI score0.00159EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-1225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to...

1.8CVSS6AI score0.00159EPSS
Exploits0References4
Rows per page
Query Builder