ch.qos.logback:logback-core

Published: 19 years ago Last updated: 5 days ago Latest version: 1.5.34 Latest non-vulnerable version: 1.5.34

License

LGPL-2.1[0.5,0.9.18);

GPL-3.0[0.2.5,0.5);

(EPL-2.0 OR LGPL-2.1)[1.5.27,);

(EPL-1.0 OR LGPL-2.1)[0.9.18,1.5.27);

Known vulnerabilities in the ch.qos.logback:logback-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L External Initialization of Trusted Variables or Data Stores	[0.9.20,1.5.25)
M External Initialization of Trusted Variables or Data Stores	[,1.3.16)[1.4.0,1.5.19)
M Improper Neutralization of Special Elements	[,1.3.15)[1.4.0,1.5.13)
L Server-side Request Forgery (SSRF)	[,1.3.15)[1.4.0,1.5.13)
H Uncontrolled Resource Consumption ('Resource Exhaustion')	[,1.2.13)[1.3.0,1.3.14)[1.4.0,1.4.14)
H Denial of Service (DoS)	[,1.2.13)[1.3.0-alpha0,1.3.12)[1.4.0,1.4.12)
M Insufficient Hostname Verification	[,1.2.7)
C Arbitrary Code Execution	[,1.1.11)

165 VERSIONS IN TOTAL See all versions