Description
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
Remediation
References
https://logback.qos.ch/news.html#1.3.12
https://logback.qos.ch/news.html#1.3.14
Related Vulnerabilities
CVE-2021-23597 Vulnerability in npm package fastify-multipart
CVE-2022-31147 Vulnerability in maven package org.webjars.npm:jquery-validation
CVE-2022-36010 Vulnerability in npm package react-editable-json-tree
CVE-2023-40014 Vulnerability in maven package org.webjars.npm:openzeppelin__contracts-upgradeable