ch.qos.logback:logback-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-10532Lowch.qos.logback:logback-core: Logback vulnerable to Object Injection through HardenedObjectInputStream modulesCVE-2026-9828Lowch.qos.logback:logback-core: QOS.CH Sarl logback logback-core has a deserialization of untrusted data vulnerabilityCVE-2026-1225Lowch.qos.logback:logback-core: Logback allows an attacker to instantiate classes already present on the class pathCVE-2025-11226Mediumch.qos.logback:logback-core: QOS.CH logback-core is vulnerable to Arbitrary Code Execution through file processingCVE-2024-12798Mediumch.qos.logback:logback-core: QOS.CH logback-core Expression Language Injection vulnerabilityCVE-2024-12801Lowch.qos.logback:logback-core: QOS.CH logback-core Server-Side Request Forgery vulnerabilityCVE-2023-6481Highch.qos.logback:logback-core: Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned dataCVE-2023-6378Highch.qos.logback:logback-classic: logback serialization vulnerabilityCVE-2021-42550Mediumch.qos.logback:logback-core: Deserialization of Untrusted Data in logbackCVE-2017-5929Criticalch.qos.logback:logback-classic: QOS.ch Logback vulnerable to Deserialization of Untrusted Data

Stop the waste.
Protect your environment with Kodem.