18 matches found
logback-1.2.13-1.1 on GA media (moderate)
logback-1.2.13-1.1 on GA media Announcement ID: openSUSE-SU-2025:15597-1 Rating: moderate Cross-References: CVE-2023-6378 CVE-2023-6481 CVE-2025-11226 CVSS scores: CVE-2025-11226 SUSE : 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L Affected Products: openSUSE Tumbleweed An update that solves 3...
Security Bulletin: Denial of Service in Logback used by Apache Zookeeper affect IBM Operations Analytics - Log Analysis (CVE-2023-6481)
Summary There is a potential denial of service in Logback that is used by Apache Zookeeper. This is caused by serialization vulnerability in Logback. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in...
Linux Distros Unpatched Vulnerability : CVE-2023-6481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service...
Security Bulletin: IBM Master Data Management vulnerable to denial of service in IBM Business Automation Workflow using Logback
Summary IBM Master Data Management version 14.0 is impacted by vulnerability in IBM Business Automation Workflow. QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the logback receiver component. By sending a specially crafted data, a local attacker could...
Security Bulletin: Vulnerabilities in Logback might affect IBM Storage Copy Data Management
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Logback. A local or remote attacker could exploit these vulnerabilities to cause a denial of service condition as described by the CVE in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2023-6481...
Important: Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update
Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update
Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Security Bulletin: Vulnerabilities in Logback may affect the IBM Spectrum Protect Server (CVE-2023-6481)
Summary The IBM Spectrum Protect Server may be affected by vulnerabilities in Logback such as denial of service caused by a serializaion flaw in the logback receiver component. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused ...
Atlassian Confluence 6.0.1 < 7.19.18 / 7.20.x < 8.5.5 / 8.6.x < 8.7.2 / 8.8.0 (CONFSERVER-94111)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-94111 advisory. - This High severity ch.qos.logback:logback-classic Dependency vulnerability was introduced in versions 6.0.1 of Confluence Data Center and Server...
Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 4.0.3 release security update
Red Hat Integration Camel for Spring Boot 4.0.3 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Security Bulletin: vulnerability in Logback might affect IBM Business Automation Workflow - CVE-2023-6481
Summary The Documentation Generator for Case Solutions in IBM Business Automation Workflow might be affected by a vulnerability in LogBack. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the logbac...
ch.qos.logback:logback-access (=1.3.13), ch.qos.logback:logback-classic (=1.3.13) +28 more potentially affected by CVE-2023-6481 via ch.qos.logback:logback-core (=1.3.13)
ch.qos.logback:logback-core MAVEN version =1.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on ch.qos.logback:logback-core and may be impacted: - ch.qos.logback:logback-access =1.3.13 - ch.qos.logback:logback-classic =1.3.13 -...
ai.apiverse:apipulse (=1.0.1), ai.timefold.solver:timefold-solver-distribution-internal (=0.8.41) +6970 more potentially affected by CVE-2023-6481 via ch.qos.logback:logback-core (=1.2.12)
ch.qos.logback:logback-core MAVEN version =1.2.12 is affected by a known vulnerability. The following packages have a transitive dependency on ch.qos.logback:logback-core and may be impacted: - ai.apiverse:apipulse =1.0.1 - ai.timefold.solver:timefold-solver-distribution-internal =0.8.41 -...
be.yildiz-games:common-logging-logback (=1.1.25), ch.qos.logback:logback-access (=1.4.13) +130 more potentially affected by CVE-2023-6481 via ch.qos.logback:logback-core (=1.4.13)
ch.qos.logback:logback-core MAVEN version =1.4.13 is affected by a known vulnerability. The following packages have a transitive dependency on ch.qos.logback:logback-core and may be impacted: - be.yildiz-games:common-logging-logback =1.1.25 - ch.qos.logback:logback-access =1.4.13 -...
CVE-2023-6481 vulnerabilities
Vulnerabilities for packages: stargate...
CVE-2023-6481
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...
CVE-2023-6481
CVE-2023-6481 concerns the logback receiver component in logback, affected in versions 1.4.13, 1.3.13, and 1.2.12. It describes a serialization vulnerability that enables a Denial-of-Service attack when poisoned data is received. The connected documents corroborate a DoS impact and reference mult...
CVE-2023-6481 Logback "receiver" DOS vulnerability CVE-2023-6378 incomplete fix
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...