A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. https://logback.qos.ch/news.html#1.3.12 https://logback.qos.ch/news.html#1.3.14
Created picocli tracking bugs for this issue: Affects: fedora-all [bug 2252957]
This issue has been addressed in the following products: RHINT Camel-Springboot 4.0.3 Via RHSA-2024:0793 https://access.redhat.com/errata/RHSA-2024:0793
This issue has been addressed in the following products: RHOSS-1.31-RHEL-8 Via RHSA-2024:0843 https://access.redhat.com/errata/RHSA-2024:0843
This issue has been addressed in the following products: Red Hat JBoss AMQ Via RHSA-2024:2945 https://access.redhat.com/errata/RHSA-2024:2945
This issue has been addressed in the following products: Red Hat Fuse 7.13.0 Via RHSA-2024:3354 https://access.redhat.com/errata/RHSA-2024:3354