CVE-2023-6378

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-6378

Severity

7.5

High

CVSS CVSS_V3

Description

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

References

https://images.chainguard.dev/security/CGA-69p6-hjq3-r85h
https://github.com/advisories/GHSA-vmq6-5m68-f53m
https://images.chainguard.dev/security/CGA-334h-ff83-4pcg
https://images.chainguard.dev/security/CGA-jx7r-g27c-g947
https://images.chainguard.dev/security/CGA-r52f-xj89-6gmg
https://images.chainguard.dev/security/CGA-29jp-5wr3-4555
https://images.chainguard.dev/security/CGA-rcpm-5c72-wgjr
https://images.chainguard.dev/security/CGA-753q-8vfj-7pr3
https://images.chainguard.dev/security/CGA-cxfp-ggmh-c85x
https://images.chainguard.dev/security/CGA-rg2w-hc6f-9pwx
https://images.chainguard.dev/security/CGA-9334-5jx3-592c
https://images.chainguard.dev/security/CGA-p5qq-x3qc-jpwx
https://logback.qos.ch/news.html#1.3.12
https://security.netapp.com/advisory/ntap-20241129-0012/
https://security-tracker.debian.org/tracker/CVE-2023-6378

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

Product

Chainguard Containers Chainguard Libraries Chainguard VMs Integrations Pricing

Solutions

FedRAMP PCI DSS Golden Images CVE Remediation Public Sector

Customers

Customer Stories Chainguard Reviews

Resources

Events & Webinars Chainguard Courses Documentation Trust Center

Company

About Us Blog Partners Newsroom Careers Legal