Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/06/26 4:56 a.m.54 views

Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability which can allow an attacker to execute arbitrary code

Summary Logback could allow a remote authenticated attacker to execute arbitrary code on the system. Vulnerability Details CVEID:CVE-2021-42550 DESCRIPTION: Logback could allow a remote authenticated attacker to execute arbitrary code on the system. By using a specially-crafted configuration, an...

9.8CVSS8.1AI score0.07501EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2021/06/07 4:7 p.m.6 views

aero.champ:cargojson (=1.0), ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.12) +17352 more potentially affected by CVE-2017-5929 via ch.qos.logback:logback-core (>=0.2.5 <=1.1.9)

ch.qos.logback:logback-core MAVEN version =0.2.5, =0.1.8, =0.1.6, =0.1.4-SB1X, =0.11.0, =0.7.0, =0.6.1, =0.11.0, =0.6.1, =0.13.0 and more Source cves: CVE-2017-5929 Source advisory: OSV:GHSA-VMFG-RJJM-RJRJ...

9.8CVSS6.7AI score0.07501EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/06/07 4:7 p.m.4 views

aero.champ:cargojson (=1.0), ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.12) +17133 more potentially affected by CVE-2017-5929 via ch.qos.logback:logback-classic (>=0.6 <=1.1.9)

ch.qos.logback:logback-classic MAVEN version =0.6, =0.1.8, =0.1.6, =0.1.4-SB1X, =0.11.0, =0.7.0, =0.6.1, =0.11.0, =0.6.1, =0.13.0 and more Source cves: CVE-2017-5929 Source advisory: OSV:GHSA-VMFG-RJJM-RJRJ...

9.8CVSS6.7AI score0.07501EPSS
Exploits0
Mageia
Mageia
added 2019/02/14 8:38 a.m.37 views

Updated logback packages fix security vulnerability

It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to...

9.8CVSS6.6AI score0.07501EPSS
Exploits0References2
OSV
OSV
added 2019/02/14 8:38 a.m.7 views

MGASA-2019-0079 Updated logback packages fix security vulnerability

It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to...

9.8CVSS9.7AI score0.07501EPSS
Exploits0References3
Hacker One
Hacker One
added 2017/09/29 1:32 p.m.51 views

U.S. Dept Of Defense: 2 vulnerabilities of arbitrary code in ████████ - CVE-2017-5929

Summary: GitHub repo: https://github.com/████████ QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. High Severity Arbitrary Code Execution Vulnerable module: ch.qos.logback:logback-core Introduced through:...

7.5CVSS3AI score0.07501EPSS
Exploits0
Veracode
Veracode
added 2017/08/22 7:33 a.m.39 views

Arbitrary Code Execution Through Serialization

QOS.ch Logback is vulnerable to arbitrary code execution through serialization. It is possible to write untrusted objects from the Logger, allowing arbitrary code execution. This is related to CVE-2017-5929...

9.8CVSS9.7AI score0.07501EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2017/07/04 6:0 p.m.46 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BPM Suite security update

An update is now available for Red Hat JBoss BPM Suite. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.2AI score0.07501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/07/04 6:0 p.m.37 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.2AI score0.07501EPSS
Exploits0References5
CVE
CVE
added 2017/03/13 6:14 a.m.238 views

CVE-2017-5929

CVE-2017-5929 – Logback deserialization issue : QOS.ch Logback up to 1.2.0 contains a serialization vulnerability in the SocketServer and ServerSocketReceiver paths. The RemoteStreamAppenderClient, SocketNode, and related classes deserialize data from a Java Socket via ObjectInputStream without v...

9.8CVSS9.2AI score0.07501EPSS
Exploits0References21Affected Software1
Rows per page
Query Builder