QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
{ "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "liblogback-java": "1:1.2.3-2ubuntu1~18.04.1", "liblogback-java-doc": "1:1.2.3-2ubuntu1~18.04.1" } ] }