Lucene search
K

19 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2025/10/04 12:0 a.m.4 views

logback-1.2.13-1.1 on GA media (moderate)

logback-1.2.13-1.1 on GA media Announcement ID: openSUSE-SU-2025:15597-1 Rating: moderate Cross-References: CVE-2023-6378 CVE-2023-6481 CVE-2025-11226 CVSS scores: CVE-2025-11226 SUSE : 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L Affected Products: openSUSE Tumbleweed An update that solves 3...

5.3CVSS6.7AI score0.009EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 10:53 p.m.51 views

Security Bulletin: Vulnerabilities in JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in multiple JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products. The vulnerabilities are not thought to be exploitable but IBM recommends upgrade for users of Transparent Cloud Tiering...

9.8CVSS9.8AI score0.45205EPSS
Exploits8Affected Software10
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-6378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending...

7.5CVSS7AI score0.009EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/13 10:4 a.m.51 views

Security Bulletin: vulnerability in Logback affects IBM Workload Scheduler.

Summary IBM Workload Scheduler is affected by a vulnerability in Logback that can cause denial of service CVE-2023-6378 Vulnerability Details CVEID:CVE-2023-6378 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the receiver component. By...

7.5CVSS6.5AI score0.009EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/27 6:26 p.m.26 views

Security Bulletin: Vulnerabilities in Logback might affect IBM Storage Copy Data Management

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Logback. A local or remote attacker could exploit these vulnerabilities to cause a denial of service condition as described by the CVE in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2023-6481...

7.5CVSS8.2AI score0.009EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/23 10:45 p.m.98 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update

Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...

9.3CVSS6.6AI score0.8581EPSS
Exploits9References16
RedHat Linux
RedHat Linux
added 2024/05/21 2:18 p.m.108 views

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update

Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.1CVSS6.6AI score0.8581EPSS
Exploits4References14
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/25 9:16 a.m.48 views

Security Bulletin: Vulnerabilities in Logback may affect the IBM Spectrum Protect Server (CVE-2023-6378)

Summary The IBM Spectrum Protect Server may be affected by vulnerabilities in Logback such as denial of service caused by a serializaion flaw in the logback receiver component. Vulnerability Details CVEID:CVE-2023-6378 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused ...

7.5CVSS7.3AI score0.009EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.32 views

Atlassian Confluence 6.0.1 < 7.19.18 / 7.20.x < 8.5.5 / 8.6.x < 8.7.2 / 8.8.0 (CONFSERVER-94110)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-94110 advisory. - A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack ...

7.5CVSS7.1AI score0.009EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/13 3:4 p.m.30 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to QOS.ch Sarl Logback denial of service vulnerability ( CVE-2023-6378)

Summary Potential QOS.ch Sarl Logback denial of service vulnerability CVE-2023-6378 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-6378...

7.5CVSS7.2AI score0.009EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/02/12 6:1 p.m.70 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 4.0.3 release security update

Red Hat Integration Camel for Spring Boot 4.0.3 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.5CVSS6.8AI score0.009EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/06 12:56 p.m.33 views

Security Bulletin:IBM Asset Data Dictionary Component uses logback-classic-1.3.0-alpha16.jar which is vulnerable to CVE-2023-6378

Summary IBM Asset Data Dictionary Component uses logback-classic-1.3.0-alpha16.jar which is vulnerable to CVE-2023-6378. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-6378 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a...

7.5CVSS7AI score0.009EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/17 7:18 a.m.54 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for December 2023.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF028 and 23.0.1-IF006. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By...

9.8CVSS10AI score0.99999EPSS
Exploits20Affected Software1
RedhatCVE
RedhatCVE
added 2023/12/05 12:43 p.m.108 views

CVE-2023-6378

A flaw was found in the logback package, where it is vulnerable to a denial of service caused by a serialization flaw in the receiver component. By sending specially crafted poisoned data, a remote attacker can cause a denial of service condition. Mitigation Mitigation for this issue is either no...

7.5CVSS6.8AI score0.009EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2023/11/29 12:30 p.m.13 views

ai.timefold.solver:timefold-solver-examples (>=1.1.0 <=1.4.0), ai.timefold.solver:timefold-solver-spring-boot-starter (=1.4.0) +5841 more potentially affected by CVE-2023-6378 via ch.qos.logback:logback-core (>=1.4.0 <=1.4.11)

ch.qos.logback:logback-core MAVEN version =1.4.0, =1.1.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =23.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =23.9.1 and more Source cves: CVE-2023-6378 Source advisory: OSV:GHSA-VMQ6-5M68-F53M...

7.5CVSS6.7AI score0.009EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/11/29 12:30 p.m.13 views

ai.timefold.solver:timefold-solver-examples (>=1.1.0 <=1.4.0), ai.timefold.solver:timefold-solver-spring-boot-starter (=1.4.0) +5876 more potentially affected by CVE-2023-6378 via ch.qos.logback:logback-classic (>=1.4.0 <=1.4.11)

ch.qos.logback:logback-classic MAVEN version =1.4.0, =1.1.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =23.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =23.9.1 and more Source cves: CVE-2023-6378 Source advisory: OSV:GHSA-VMQ6-5M68-F53M...

7.5CVSS6.7AI score0.009EPSS
Exploits0
Wolfi
Wolfi
added 2023/11/29 12:15 p.m.133 views

CVE-2023-6378 vulnerabilities

Vulnerabilities for packages: tez, trino, zookeeper...

7.5CVSS6.7AI score0.009EPSS
Exploits0
CVE
CVE
added 2023/11/29 12:2 p.m.538 views

CVE-2023-6378

CVE-2023-6378 involves a serialization vulnerability in the logback receiver component of logback version 1.4.11 that allows an attacker to mount a Denial-of-Service by sending poisoned data. The published entries consistently describe a DoS impact without other confidentiality or integrity effec...

7.5CVSS7.2AI score0.009EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/11/29 12:2 p.m.32 views

CVE-2023-6378 Logback "receiver" DOS vulnerability

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

7.1CVSS7.6AI score0.009EPSS
Exploits0References1
Rows per page
Query Builder