Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[GHSA-6v67-2wr5-gvf4] QOS.CH logback-core Server-Side Request Forgery vulnerability #5114

Conversation

omar-napoleon
Copy link

Updates

  • CVSS v4

Comments
the version reported with the fixed in different pages is 1.15.13 and this version does not exist. the real version is 1.5.13.

https://mvnrepository.com/artifact/ch.qos.logback/logback-core

@github-actions github-actions bot changed the base branch from main to omar-napoleon/advisory-improvement-5114 December 20, 2024 17:13
@JonathanLEvans
Copy link

Hi @omar-napoleon, thank you for your interest in GHSA-6v67-2wr5-gvf4. This has been resolved through #5104.

@github-actions github-actions bot deleted the omar-napoleon-GHSA-6v67-2wr5-gvf4 branch December 20, 2024 20:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants