A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| ch.qos.logback:logback-core(Maven) | 1.4.13 | 1.4.14 | N/A |
| ch.qos.logback:logback-core(Maven) | 1.3.13 | 1.3.14 | N/A |
| ch.qos.logback:logback-core(Maven) | 1.2.12 | 1.2.13 | N/A |
CVSS Metrics
