ch.qos.logback:logback-core@1.2.10 vulnerabilities
-
latest version
1.5.12
-
latest non vulnerable version
-
first published
18 years ago
-
latest version published
24 days ago
-
licenses detected
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the ch.qos.logback:logback-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
ch.qos.logback:logback-core is a logback-core module. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') via the Note: Successful exploitation requires the logback-receiver component being enabled and also reachable by the attacker. How to fix Uncontrolled Resource Consumption ('Resource Exhaustion')? Upgrade |
[,1.2.13)
[1.3.0,1.3.14)
[1.4.0,1.4.14)
|
ch.qos.logback:logback-core is a logback-core module. Affected versions of this package are vulnerable to Denial of Service (DoS). An attacker can mount a denial-of-service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. How to fix Denial of Service (DoS)? Upgrade |
[,1.2.13)
[1.3.0-alpha0,1.3.12)
[1.4.0,1.4.12)
|