In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade ch.qos.logback:logback-classic
to version 1.5.13 or higher.
ch.qos.logback:logback-classic is a reliable, generic, fast and flexible logging library for Java.
Affected versions of this package are vulnerable to Improper Neutralization of Special Elements via the JaninoEventEvaluator
extension. An attacker can execute arbitrary code by compromising an existing logback configuration file or injecting an environment variable before program execution.