Lucene search
+L

18 matches found

opensuse
opensuse
added 2025/10/04 12:0 a.m.4 views

logback-1.2.13-1.1 on GA media (moderate)

logback-1.2.13-1.1 on GA media Announcement ID: openSUSE-SU-2025:15597-1 Rating: moderate Cross-References: CVE-2023-6378 CVE-2023-6481 CVE-2025-11226 CVSS scores: CVE-2025-11226 SUSE : 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L Affected Products: openSUSE Tumbleweed An update that solves 3...

5.3CVSS6.7AI score0.009EPSS
Exploits0
ibm
ibm
added 2025/04/28 10:59 a.m.27 views

Security Bulletin: Denial of Service in Logback used by Apache Zookeeper affect IBM Operations Analytics - Log Analysis (CVE-2023-6481)

Summary There is a potential denial of service in Logback that is used by Apache Zookeeper. This is caused by serialization vulnerability in Logback. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in...

7.5CVSS7.3AI score0.00682EPSS
Exploits0Affected Software1
nessus
nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-6481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service...

7.5CVSS7AI score0.00682EPSS
Exploits0References2
ibm
ibm
added 2024/11/13 2:19 p.m.18 views

Security Bulletin: IBM Master Data Management vulnerable to denial of service in IBM Business Automation Workflow using Logback

Summary IBM Master Data Management version 14.0 is impacted by vulnerability in IBM Business Automation Workflow. QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the logback receiver component. By sending a specially crafted data, a local attacker could...

7.5CVSS6.2AI score0.00682EPSS
Exploits0Affected Software1
ibm
ibm
added 2024/09/27 6:26 p.m.26 views

Security Bulletin: Vulnerabilities in Logback might affect IBM Storage Copy Data Management

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Logback. A local or remote attacker could exploit these vulnerabilities to cause a denial of service condition as described by the CVE in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2023-6481...

7.5CVSS8.2AI score0.009EPSS
Exploits0Affected Software1
redhat
redhat
added 2024/05/23 10:45 p.m.98 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update

Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...

9.3CVSS6.6AI score0.8581EPSS
Exploits9References16
redhat
redhat
added 2024/05/21 2:18 p.m.108 views

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update

Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.1CVSS6.6AI score0.8581EPSS
Exploits4References14
ibm
ibm
added 2024/03/25 9:16 a.m.66 views

Security Bulletin: Vulnerabilities in Logback may affect the IBM Spectrum Protect Server (CVE-2023-6481)

Summary The IBM Spectrum Protect Server may be affected by vulnerabilities in Logback such as denial of service caused by a serializaion flaw in the logback receiver component. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused ...

7.5CVSS7.1AI score0.00682EPSS
Exploits0Affected Software1
nessus
nessus
added 2024/03/01 12:0 a.m.56 views

Atlassian Confluence 6.0.1 < 7.19.18 / 7.20.x < 8.5.5 / 8.6.x < 8.7.2 / 8.8.0 (CONFSERVER-94111)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-94111 advisory. - This High severity ch.qos.logback:logback-classic Dependency vulnerability was introduced in versions 6.0.1 of Confluence Data Center and Server...

7.5CVSS7.2AI score0.00682EPSS
Exploits0References2
redhat
redhat
added 2024/02/12 6:1 p.m.70 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 4.0.3 release security update

Red Hat Integration Camel for Spring Boot 4.0.3 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.5CVSS6.8AI score0.009EPSS
Exploits1References4
ibm
ibm
added 2024/01/24 1:30 p.m.41 views

Security Bulletin: vulnerability in Logback might affect IBM Business Automation Workflow - CVE-2023-6481

Summary The Documentation Generator for Case Solutions in IBM Business Automation Workflow might be affected by a vulnerability in LogBack. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the logbac...

7.5CVSS6.8AI score0.00682EPSS
Exploits0Affected Software1
vulnersosv
vulnersosv
added 2023/12/04 9:30 a.m.6 views

ch.qos.logback:logback-access (=1.3.13), ch.qos.logback:logback-classic (=1.3.13) +28 more potentially affected by CVE-2023-6481 via ch.qos.logback:logback-core (=1.3.13)

ch.qos.logback:logback-core MAVEN version =1.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on ch.qos.logback:logback-core and may be impacted: - ch.qos.logback:logback-access =1.3.13 - ch.qos.logback:logback-classic =1.3.13 -...

7.5CVSS7.1AI score0.00682EPSS
Exploits0
vulnersosv
vulnersosv
added 2023/12/04 9:30 a.m.5 views

ai.apiverse:apipulse (=1.0.1), ai.timefold.solver:timefold-solver-distribution-internal (=0.8.41) +6970 more potentially affected by CVE-2023-6481 via ch.qos.logback:logback-core (=1.2.12)

ch.qos.logback:logback-core MAVEN version =1.2.12 is affected by a known vulnerability. The following packages have a transitive dependency on ch.qos.logback:logback-core and may be impacted: - ai.apiverse:apipulse =1.0.1 - ai.timefold.solver:timefold-solver-distribution-internal =0.8.41 -...

7.5CVSS7.1AI score0.00682EPSS
Exploits0
vulnersosv
vulnersosv
added 2023/12/04 9:30 a.m.7 views

be.yildiz-games:common-logging-logback (=1.1.25), ch.qos.logback:logback-access (=1.4.13) +130 more potentially affected by CVE-2023-6481 via ch.qos.logback:logback-core (=1.4.13)

ch.qos.logback:logback-core MAVEN version =1.4.13 is affected by a known vulnerability. The following packages have a transitive dependency on ch.qos.logback:logback-core and may be impacted: - be.yildiz-games:common-logging-logback =1.1.25 - ch.qos.logback:logback-access =1.4.13 -...

7.5CVSS7.1AI score0.00682EPSS
Exploits0
cgr
cgr
added 2023/12/04 9:15 a.m.49 views

CVE-2023-6481 vulnerabilities

Vulnerabilities for packages: stargate...

7.5CVSS6.9AI score0.00682EPSS
Exploits0
nvd
nvd
added 2023/12/04 9:15 a.m.17 views

CVE-2023-6481

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

7.5CVSS0.00682EPSS
Exploits0References2
cve
cve
added 2023/12/04 8:35 a.m.465 views

CVE-2023-6481

CVE-2023-6481 concerns the logback receiver component in logback, affected in versions 1.4.13, 1.3.13, and 1.2.12. It describes a serialization vulnerability that enables a Denial-of-Service attack when poisoned data is received. The connected documents corroborate a DoS impact and reference mult...

7.5CVSS7AI score0.009EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/12/04 8:35 a.m.32 views

CVE-2023-6481 Logback "receiver" DOS vulnerability CVE-2023-6378 incomplete fix

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

7.1CVSS7.6AI score0.009EPSS
Exploits0References2
Rows per page
Query Builder