All vulnerabilities
CVE-2023-6378
logback serialization vulnerability
Description
A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html
Patch Available
Fix available through Seal Security.
No upgrade required, protect your application instantly.
Fix without upgrading
Score
Severity
Ecosystem
Java
Publish Date
November 29, 2023
Modified Date
November 29, 2024
Score Vector
Affected Versions
