Logback
This hub aggregates every CVE we track for Logback, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
OSS Librarieslibrary
4
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 4 most recently published vulnerabilities affecting Logback.
- CVE-2023-6481Logback "receiver" DOS vulnerability CVE-2023-6378 incomplete fix7.1
- CVE-2023-6378Logback "receiver" DOS vulnerability 7.1
- CVE-2021-42550RCE from attacker with configuration edit priviledges through JNDI lookup6.6
- CVE-2017-5929QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.9.8
Product normalization is registry-driven with AI assist and human review. How it works