CVE-2021-42550

Vulnerable Component Details
Type Namespace Name Version Package URL
maven ch.qos.logback logback-classic 1.2.6 pkg:maven/ch.qos.logback/logback-classic@1.2.6?type=jar
Vulnerability Details
ID CVE-2021-42550
Description logback-classic - Deserialization of Untrusted Data [CVE-2021-42550] The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
Ratings
Severity Score Method Vector Source
6.6 CVSSv3 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Found By Sonotype OSS-Index
References / Advisories
Weakness Enumeration