ID CVE-2017-5929
Summary QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
References
Vulnerable Configurations
  • cpe:2.3:a:qos:logback:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.4:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.8:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.9:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.10:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.11:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.11:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.12:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.12:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.13:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.13:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.14:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.14:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.15:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.15:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.16:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.16:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.17:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.17:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.18:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.18:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.19:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.19:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.20:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.20:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.21:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.21:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.22:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.22:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.23:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.23:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.24:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.24:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.25:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.25:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.26:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.26:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.27:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.27:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.28:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.28:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.29:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.29:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:0.9.30:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:0.9.30:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:qos:logback:1.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:qos:logback:1.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-04-2022 - 17:58)
Impact:
Exploitability:
CWE CWE-502
CAPEC
  • Object Injection
    An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2017:1675
  • rhsa
    id RHSA-2017:1676
  • rhsa
    id RHSA-2017:1832
  • rhsa
    id RHSA-2018:2927
rpms
  • SOAPpy-0:0.11.6-17.el7
  • ansiblerole-insights-client-0:1.5-1.el7sat
  • candlepin-0:2.4.8-1.el7
  • candlepin-selinux-0:2.4.8-1.el7
  • createrepo_c-0:0.7.4-1.el7sat
  • createrepo_c-debuginfo-0:0.7.4-1.el7sat
  • createrepo_c-libs-0:0.7.4-1.el7sat
  • foreman-0:1.18.0.37-1.el7sat
  • foreman-bootloaders-redhat-0:201801241201-3.el7sat
  • foreman-bootloaders-redhat-tftpboot-0:201801241201-3.el7sat
  • foreman-cli-0:1.18.0.37-1.el7sat
  • foreman-compute-0:1.18.0.37-1.el7sat
  • foreman-debug-0:1.18.0.37-1.el7sat
  • foreman-ec2-0:1.18.0.37-1.el7sat
  • foreman-gce-0:1.18.0.37-1.el7sat
  • foreman-installer-1:1.18.0.2-1.el7sat
  • foreman-installer-katello-0:3.7.0.10-1.el7sat
  • foreman-journald-0:1.18.0.37-1.el7sat
  • foreman-libvirt-0:1.18.0.37-1.el7sat
  • foreman-openstack-0:1.18.0.37-1.el7sat
  • foreman-ovirt-0:1.18.0.37-1.el7sat
  • foreman-postgresql-0:1.18.0.37-1.el7sat
  • foreman-proxy-0:1.18.0.1-1.el7sat
  • foreman-proxy-content-0:3.7.0-8.el7sat
  • foreman-rackspace-0:1.18.0.37-1.el7sat
  • foreman-selinux-0:1.18.0.1-1.el7sat
  • foreman-telemetry-0:1.18.0.37-1.el7sat
  • foreman-vmware-0:1.18.0.37-1.el7sat
  • hfsplus-tools-0:332.14-12.el7
  • hfsplus-tools-debuginfo-0:332.14-12.el7
  • katello-0:3.7.0-8.el7sat
  • katello-certs-tools-0:2.4.0-2.el7sat
  • katello-client-bootstrap-0:1.6.0-1.el7sat
  • katello-common-0:3.7.0-8.el7sat
  • katello-debug-0:3.7.0-8.el7sat
  • katello-installer-base-0:3.7.0.10-1.el7sat
  • katello-selinux-0:3.0.3-2.el7sat
  • katello-service-0:3.7.0-8.el7sat
  • kobo-0:0.5.1-1.el7sat
  • libstemmer-0:0-2.585svn.el7sat
  • libstemmer-debuginfo-0:0-2.585svn.el7sat
  • libwebsockets-0:2.1.0-3.el7
  • libwebsockets-debuginfo-0:2.1.0-3.el7
  • liquibase-0:3.1.0-1.el7
  • livecd-tools-1:20.4-1.6.el7sat
  • mod_passenger-0:4.0.18-24.el7sat
  • mod_xsendfile-0:0.12-10.el7sat
  • mod_xsendfile-debuginfo-0:0.12-10.el7sat
  • mongodb-0:2.6.11-2.el7sat
  • mongodb-debuginfo-0:2.6.11-2.el7sat
  • mongodb-server-0:2.6.11-2.el7sat
  • ostree-0:2017.1-2.atomic.el7
  • ostree-debuginfo-0:2017.1-2.atomic.el7
  • pcp-mmvstatsd-0:0.4-1.el7sat
  • pulp-admin-client-0:2.16.4.1-1.el7sat
  • pulp-docker-admin-extensions-0:3.1.4.1-1.el7sat
  • pulp-docker-plugins-0:3.1.4.1-1.el7sat
  • pulp-katello-0:1.0.2-5.el7sat
  • pulp-maintenance-0:2.16.4.1-1.el7sat
  • pulp-nodes-child-0:2.16.4.1-1.el7sat
  • pulp-nodes-common-0:2.16.4.1-1.el7sat
  • pulp-nodes-parent-0:2.16.4.1-1.el7sat
  • pulp-ostree-admin-extensions-0:1.3.0-1.el7sat
  • pulp-ostree-plugins-0:1.3.0-1.el7sat
  • pulp-puppet-admin-extensions-0:2.16.4-3.el7sat
  • pulp-puppet-plugins-0:2.16.4-3.el7sat
  • pulp-puppet-tools-0:2.16.4-3.el7sat
  • pulp-rpm-admin-extensions-0:2.16.4.1-5.el7sat
  • pulp-rpm-plugins-0:2.16.4.1-5.el7sat
  • pulp-selinux-0:2.16.4.1-1.el7sat
  • pulp-server-0:2.16.4.1-1.el7sat
  • puppet-agent-0:5.5.0-2.el7sat
  • puppet-agent-oauth-0:0.5.1-3.el7sat
  • puppet-foreman_scap_client-0:0.3.16-3.el7sat
  • puppetlabs-stdlib-0:4.2.1-1.20140510git08b00d9.el7sat
  • puppetserver-0:5.3.1-1.el7sat
  • python-anyjson-0:0.3.3-5.el7sat
  • python-billiard-debuginfo-1:3.5.0.3-3.el7sat
  • python-blinker-0:1.3-2.el7sat
  • python-bson-0:3.2-1.el7sat
  • python-crane-0:3.1.1-1.el7sat
  • python-flask-1:0.10.1-4.el7sat
  • python-fpconst-0:0.7.3-12.el7
  • python-gnupg-0:0.3.7-1.el7ui
  • python-gofer-0:2.12.1-1.el7sat
  • python-gofer-qpid-0:2.12.1-1.el7sat
  • python-imgcreate-1:20.4-1.6.el7sat
  • python-isodate-0:0.5.0-5.pulp.el7sat
  • python-itsdangerous-0:0.23-1.el7sat
  • python-jinja2-0:2.7.2-2.el7sat
  • python-kid-0:0.9.6-11.el7sat
  • python-mongoengine-0:0.10.5-2.el7sat
  • python-nectar-0:1.5.6-1.el7sat
  • python-oauth2-0:1.5.211-8.el7sat
  • python-okaara-0:1.0.32-1.el7sat
  • python-pulp-agent-lib-0:2.16.4.1-1.el7sat
  • python-pulp-bindings-0:2.16.4.1-1.el7sat
  • python-pulp-client-lib-0:2.16.4.1-1.el7sat
  • python-pulp-common-0:2.16.4.1-1.el7sat
  • python-pulp-docker-common-0:3.1.4.1-1.el7sat
  • python-pulp-integrity-0:2.16.4.1-5.el7sat
  • python-pulp-oid_validation-0:2.16.4.1-1.el7sat
  • python-pulp-ostree-common-0:1.3.0-1.el7sat
  • python-pulp-puppet-common-0:2.16.4-3.el7sat
  • python-pulp-repoauth-0:2.16.4.1-1.el7sat
  • python-pulp-rpm-common-0:2.16.4.1-5.el7sat
  • python-pulp-streamer-0:2.16.4.1-1.el7sat
  • python-pymongo-0:3.2-1.el7sat
  • python-pymongo-debuginfo-0:3.2-1.el7sat
  • python-pymongo-gridfs-0:3.2-1.el7sat
  • python-qpid-0:1.35.0-5.el7
  • python-qpid-proton-0:0.16.0-12.el7sat
  • python-qpid-qmf-0:1.36.0-19.el7
  • python-saslwrapper-0:0.22-5.el7sat
  • python-semantic_version-0:2.2.0-6.el7sat
  • python-simplejson-0:3.2.0-1.el7sat
  • python-simplejson-debuginfo-0:3.2.0-1.el7sat
  • python-twisted-core-0:12.2.0-4.el7
  • python-twisted-core-debuginfo-0:12.2.0-4.el7
  • python-twisted-web-0:12.1.0-5.el7_2
  • python-werkzeug-0:0.9.1-1.el7sat
  • python-zope-interface-0:4.0.5-4.el7
  • python-zope-interface-debuginfo-0:4.0.5-4.el7
  • python2-amqp-0:2.2.2-3.el7sat
  • python2-billiard-1:3.5.0.3-3.el7sat
  • python2-celery-0:4.0.2-4.el7sat
  • python2-django-0:1.11.11-1.el7sat
  • python2-kombu-1:4.0.2-8.el7sat
  • python2-vine-0:1.1.3-4.el7sat
  • qpid-cpp-client-0:1.36.0-19.el7
  • qpid-cpp-client-devel-0:1.36.0-19.el7
  • qpid-cpp-debuginfo-0:1.36.0-19.el7
  • qpid-cpp-server-0:1.36.0-19.el7
  • qpid-cpp-server-linearstore-0:1.36.0-19.el7
  • qpid-dispatch-debuginfo-0:0.8.0-19.el7
  • qpid-dispatch-router-0:0.8.0-19.el7
  • qpid-dispatch-tools-0:0.8.0-19.el7
  • qpid-proton-c-0:0.16.0-12.el7sat
  • qpid-proton-debuginfo-0:0.16.0-12.el7sat
  • qpid-qmf-0:1.36.0-19.el7
  • qpid-tools-0:1.36.0-19.el7
  • redhat-access-insights-puppet-0:0.0.9-3.el7sat
  • repoview-0:0.6.6-4.el7sat
  • rubygem-ansi-0:1.4.3-3.el7sat
  • rubygem-bundler_ext-0:0.4.1-3.el7sat
  • rubygem-clamp-0:1.1.2-2.el7sat
  • rubygem-concurrent-ruby-1:1.0.3-6.el7sat
  • rubygem-facter-0:2.4.1-2.el7sat
  • rubygem-fast_gettext-0:1.1.0-4.el7sat
  • rubygem-ffi-0:1.4.0-3.el7sat
  • rubygem-ffi-debuginfo-0:1.4.0-3.el7sat
  • rubygem-foreman_scap_client-0:0.3.0-3.el7sat
  • rubygem-gssapi-0:1.1.2-4.el7sat
  • rubygem-hashie-0:2.0.5-5.el7sat
  • rubygem-highline-0:1.7.8-3.el7sat
  • rubygem-kafo-0:2.1.0-1.el7sat
  • rubygem-kafo_parsers-0:0.1.6-1.el7sat
  • rubygem-kafo_wizards-0:0.0.1-2.el7sat
  • rubygem-little-plugger-0:1.1.3-22.el7sat
  • rubygem-logging-0:2.2.2-1.el7sat
  • rubygem-mime-types-0:1.19-7.el7sat
  • rubygem-multi_json-0:1.12.2-2.el7sat
  • rubygem-netrc-0:0.7.7-9.el7sat
  • rubygem-newt-0:0.9.6-3.el7sat
  • rubygem-newt-debuginfo-0:0.9.6-3.el7sat
  • rubygem-oauth-0:0.5.4-2.el7sat
  • rubygem-openscap-0:0.4.7-3.el7sat
  • rubygem-passenger-0:4.0.18-24.el7sat
  • rubygem-passenger-debuginfo-0:4.0.18-24.el7sat
  • rubygem-passenger-native-0:4.0.18-24.el7sat
  • rubygem-passenger-native-libs-0:4.0.18-24.el7sat
  • rubygem-powerbar-0:1.0.17-2.el7sat
  • rubygem-rack-1:1.6.4-3.el7sat
  • rubygem-rack-protection-0:1.5.3-4.el7sat
  • rubygem-rake-0:0.9.2.2-41.el7sat
  • rubygem-rb-inotify-0:0.9.7-4.el7sat
  • rubygem-rest-client-0:1.6.7-7.el7sat
  • rubygem-rkerberos-0:0.1.3-5.el7sat
  • rubygem-rkerberos-debuginfo-0:0.1.3-5.el7sat
  • rubygem-rsec-0:0.4.2-2.el7sat
  • rubygem-rubyipmi-0:0.10.0-2.el7sat
  • rubygem-sinatra-1:1.4.7-3.el7sat
  • rubygem-smart_proxy_ansible-0:2.0.2-3.el7sat
  • rubygem-smart_proxy_dhcp_remote_isc-0:0.0.4-1.el7sat
  • rubygem-smart_proxy_discovery-0:1.0.4-1.el7sat
  • rubygem-smart_proxy_discovery_image-0:1.0.9-2.el7sat
  • rubygem-smart_proxy_dynflow-0:0.2.1-2.el7sat
  • rubygem-smart_proxy_openscap-0:0.6.11-1.el7sat
  • rubygem-smart_proxy_pulp-0:1.3.0-1.el7sat
  • rubygem-smart_proxy_remote_execution_ssh-0:0.2.0-3.el7sat
  • rubygem-tilt-0:1.3.7-2.git.0.3b416c9.el7sat
  • saslwrapper-0:0.22-5.el7sat
  • saslwrapper-debuginfo-0:0.22-5.el7sat
  • satellite-0:6.4.0-15.el7sat
  • satellite-capsule-0:6.4.0-15.el7sat
  • satellite-cli-0:6.4.0-15.el7sat
  • satellite-common-0:6.4.0-15.el7sat
  • satellite-debug-tools-0:6.4.0-15.el7sat
  • satellite-installer-0:6.4.0.7-2.el7sat
  • tfm-ror51-rubygem-actioncable-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-actionmailer-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-actionpack-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-actionview-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-activejob-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-activemodel-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-activerecord-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-activesupport-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-arel-0:8.0.0-1.el7sat
  • tfm-ror51-rubygem-builder-0:3.2.3-1.el7sat
  • tfm-ror51-rubygem-coffee-rails-0:4.2.2-1.el7sat
  • tfm-ror51-rubygem-coffee-script-0:2.4.1-1.el7sat
  • tfm-ror51-rubygem-coffee-script-source-0:1.12.2-1.el7sat
  • tfm-ror51-rubygem-concurrent-ruby-0:1.0.5-4.el7sat
  • tfm-ror51-rubygem-crass-0:1.0.2-1.el7sat
  • tfm-ror51-rubygem-erubi-0:1.7.0-1.el7sat
  • tfm-ror51-rubygem-execjs-0:2.7.0-1.el7sat
  • tfm-ror51-rubygem-globalid-0:0.4.1-1.el7sat
  • tfm-ror51-rubygem-i18n-0:0.9.1-2.el7sat
  • tfm-ror51-rubygem-loofah-0:2.1.1-2.el7sat
  • tfm-ror51-rubygem-mail-0:2.7.0-2.el7sat
  • tfm-ror51-rubygem-method_source-0:0.9.0-1.el7sat
  • tfm-ror51-rubygem-mime-types-0:3.1-1.el7sat
  • tfm-ror51-rubygem-mime-types-data-0:3.2016.0521-1.el7sat
  • tfm-ror51-rubygem-mini_mime-0:1.0.0-1.el7sat
  • tfm-ror51-rubygem-multi_json-0:1.12.2-1.el7sat
  • tfm-ror51-rubygem-mustermann-0:1.0.1-1.el7sat
  • tfm-ror51-rubygem-nio4r-0:2.1.0-1.el7sat
  • tfm-ror51-rubygem-nio4r-debuginfo-0:2.1.0-1.el7sat
  • tfm-ror51-rubygem-nokogiri-0:1.8.1-1.el7sat
  • tfm-ror51-rubygem-nokogiri-debuginfo-0:1.8.1-1.el7sat
  • tfm-ror51-rubygem-rack-0:2.0.3-1.el7sat
  • tfm-ror51-rubygem-rack-protection-0:2.0.0-1.el7sat
  • tfm-ror51-rubygem-rack-test-0:0.7.0-1.el7sat
  • tfm-ror51-rubygem-rails-dom-testing-0:2.0.3-1.el7sat
  • tfm-ror51-rubygem-rails-html-sanitizer-0:1.0.3-2.el7sat
  • tfm-ror51-rubygem-railties-0:5.1.6-1.el7sat
  • tfm-ror51-rubygem-sinatra-0:2.0.0-1.el7sat
  • tfm-ror51-rubygem-sprockets-0:3.7.1-1.el7sat
  • tfm-ror51-rubygem-sprockets-rails-0:3.2.1-1.el7sat
  • tfm-ror51-rubygem-sqlite3-0:1.3.13-1.el7sat
  • tfm-ror51-rubygem-sqlite3-debuginfo-0:1.3.13-1.el7sat
  • tfm-ror51-rubygem-thor-0:0.20.0-1.el7sat
  • tfm-ror51-rubygem-thread_safe-0:0.3.6-1.el7sat
  • tfm-ror51-rubygem-tilt-0:2.0.8-1.el7sat
  • tfm-ror51-rubygem-turbolinks-0:2.5.4-1.el7sat
  • tfm-ror51-rubygem-tzinfo-0:1.2.4-2.el7sat
  • tfm-ror51-rubygem-websocket-driver-0:0.6.5-2.el7sat
  • tfm-ror51-rubygem-websocket-driver-debuginfo-0:0.6.5-2.el7sat
  • tfm-ror51-rubygem-websocket-extensions-0:0.1.2-1.el7sat
  • tfm-ror51-runtime-0:1.1-2.el7sat
  • tfm-rubygem-activerecord-session_store-0:1.1.0-6.el7sat
  • tfm-rubygem-addressable-0:2.3.6-5.el7sat
  • tfm-rubygem-algebrick-0:0.7.3-5.el7sat
  • tfm-rubygem-ancestry-0:3.0.0-2.el7sat
  • tfm-rubygem-anemone-0:0.7.2-19.el7sat
  • tfm-rubygem-angular-rails-templates-1:1.0.2-2.el7sat
  • tfm-rubygem-apipie-bindings-0:0.2.2-1.el7sat
  • tfm-rubygem-apipie-params-0:0.0.5-4.el7sat
  • tfm-rubygem-apipie-rails-0:0.5.7-1.el7sat
  • tfm-rubygem-audited-0:4.7.0-1.el7sat
  • tfm-rubygem-autoparse-0:0.3.3-9.el7sat
  • tfm-rubygem-awesome_print-0:1.8.0-2.el7sat
  • tfm-rubygem-bastion-0:6.1.11-1.el7sat
  • tfm-rubygem-bundler_ext-0:0.4.1-3.el7sat
  • tfm-rubygem-clamp-0:1.1.2-2.el7sat
  • tfm-rubygem-concurrent-ruby-edge-1:0.2.4-1.el7sat
  • tfm-rubygem-css_parser-0:1.4.7-2.el7sat
  • tfm-rubygem-daemons-0:1.2.3-6.el7sat
  • tfm-rubygem-deacon-0:1.0.0-3.el7sat
  • tfm-rubygem-deep_cloneable-0:2.2.2-2.el7sat
  • tfm-rubygem-deface-0:1.2.0-10.el7sat
  • tfm-rubygem-diffy-0:3.0.1-5.el7sat
  • tfm-rubygem-docker-api-0:1.28.0-3.el7sat
  • tfm-rubygem-domain_name-0:0.5.20160310-3.el7sat
  • tfm-rubygem-dynflow-0:1.0.5.1-1.el7sat
  • tfm-rubygem-excon-0:0.58.0-2.el7sat
  • tfm-rubygem-extlib-0:0.9.16-5.el7sat
  • tfm-rubygem-facter-0:2.4.0-5.el7sat
  • tfm-rubygem-faraday-0:0.9.1-5.el7sat
  • tfm-rubygem-fast_gettext-0:1.4.1-2.el7sat
  • tfm-rubygem-ffi-0:1.4.0-11.el7sat
  • tfm-rubygem-ffi-debuginfo-0:1.4.0-11.el7sat
  • tfm-rubygem-fog-0:1.42.1-1.el7sat
  • tfm-rubygem-fog-aws-0:1.3.0-2.el7sat
  • tfm-rubygem-fog-core-0:1.45.0-2.el7sat
  • tfm-rubygem-fog-digitalocean-0:0.3.0-2.el7sat
  • tfm-rubygem-fog-google-0:0.1.0-4.el7sat
  • tfm-rubygem-fog-json-0:1.0.2-9.el7sat
  • tfm-rubygem-fog-libvirt-0:0.4.1-2.el7sat
  • tfm-rubygem-fog-openstack-0:0.1.25-2.el7sat
  • tfm-rubygem-fog-ovirt-0:1.1.2-1.el7sat
  • tfm-rubygem-fog-rackspace-0:0.1.4-2.el7sat
  • tfm-rubygem-fog-vsphere-0:2.3.0-1.el7sat
  • tfm-rubygem-fog-xenserver-0:0.2.3-3.el7sat
  • tfm-rubygem-fog-xml-0:0.1.2-6.el7sat
  • tfm-rubygem-foreman-redhat_access-0:2.0.13-1.el7sat
  • tfm-rubygem-foreman-tasks-0:0.13.4.2-1.el7sat
  • tfm-rubygem-foreman-tasks-core-0:0.2.5-1.el7sat
  • tfm-rubygem-foreman_ansible-0:2.2.9-2.el7sat
  • tfm-rubygem-foreman_ansible_core-0:2.1.1-1.el7sat
  • tfm-rubygem-foreman_bootdisk-0:12.0.0-1.el7sat
  • tfm-rubygem-foreman_discovery-0:12.0.2.1-1.el7sat
  • tfm-rubygem-foreman_docker-0:4.1.0-1.el7sat
  • tfm-rubygem-foreman_hooks-0:0.3.14.1-1.el7sat
  • tfm-rubygem-foreman_openscap-0:0.10.3-1.el7sat
  • tfm-rubygem-foreman_remote_execution-0:1.5.6-4.el7sat
  • tfm-rubygem-foreman_remote_execution_core-0:1.1.3-1.el7sat
  • tfm-rubygem-foreman_templates-0:6.0.3-1.el7sat
  • tfm-rubygem-foreman_theme_satellite-0:2.0.1.11-1.el7sat
  • tfm-rubygem-foreman_virt_who_configure-0:0.2.2-1.el7sat
  • tfm-rubygem-formatador-0:0.2.1-10.el7sat
  • tfm-rubygem-friendly_id-0:5.1.0-4.el7sat
  • tfm-rubygem-get_process_mem-0:0.2.1-2.el7sat
  • tfm-rubygem-gettext_i18n_rails-0:1.2.1-4.el7sat
  • tfm-rubygem-git-0:1.2.5-8.el7sat
  • tfm-rubygem-google-api-client-0:0.8.2-10.el7sat
  • tfm-rubygem-gssapi-0:1.2.0-4.el7sat
  • tfm-rubygem-hammer_cli-0:0.13.1-1.el7sat
  • tfm-rubygem-hammer_cli_csv-0:2.3.1-2.el7sat
  • tfm-rubygem-hammer_cli_foreman-0:0.13.2.1-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_admin-0:0.0.8-2.el7sat
  • tfm-rubygem-hammer_cli_foreman_ansible-0:0.1.1-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_bootdisk-0:0.1.3.3-3.el7sat
  • tfm-rubygem-hammer_cli_foreman_discovery-0:1.0.0-2.el7sat
  • tfm-rubygem-hammer_cli_foreman_docker-0:0.0.6-3.el7sat
  • tfm-rubygem-hammer_cli_foreman_openscap-0:0.1.6-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_remote_execution-0:0.1.0-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_tasks-0:0.0.12-2.el7sat
  • tfm-rubygem-hammer_cli_foreman_templates-0:0.1.0-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_virt_who_configure-0:0.0.3-2.el7sat
  • tfm-rubygem-hammer_cli_katello-0:0.13.4.3-1.el7sat
  • tfm-rubygem-hashie-0:2.0.5-5.el7sat
  • tfm-rubygem-highline-0:1.7.8-3.el7sat
  • tfm-rubygem-http-cookie-0:1.0.2-4.el7sat
  • tfm-rubygem-ipaddress-0:0.8.0-10.el7sat
  • tfm-rubygem-jgrep-0:1.3.3-11.el7sat
  • tfm-rubygem-journald-logger-0:2.0.3-1.el7sat
  • tfm-rubygem-journald-native-0:1.0.10-1.el7sat
  • tfm-rubygem-journald-native-debuginfo-0:1.0.10-1.el7sat
  • tfm-rubygem-jwt-0:1.2.0-5.el7sat
  • tfm-rubygem-katello-0:3.7.0.41-1.el7sat
  • tfm-rubygem-launchy-0:2.4.3-5.el7sat
  • tfm-rubygem-ldap_fluff-0:0.4.7-2.el7sat
  • tfm-rubygem-little-plugger-0:1.1.3-22.el7sat
  • tfm-rubygem-locale-0:2.0.9-12.el7sat
  • tfm-rubygem-logging-0:2.2.2-4.el7sat
  • tfm-rubygem-logging-journald-0:1.0.0-1.el7sat
  • tfm-rubygem-multipart-post-0:1.2.0-5.el7sat
  • tfm-rubygem-net-ldap-0:0.15.0-2.el7sat
  • tfm-rubygem-net-ping-0:2.0.1-2.el7sat
  • tfm-rubygem-net-scp-0:1.2.1-2.el7sat
  • tfm-rubygem-net-ssh-0:4.0.1-4.el7sat
  • tfm-rubygem-net-ssh-krb-0:0.4.0-2.el7sat
  • tfm-rubygem-netrc-0:0.11.0-2.el7sat
  • tfm-rubygem-oauth-0:0.5.4-2.el7sat
  • tfm-rubygem-ovirt-engine-sdk-0:4.2.3-1.el7sat
  • tfm-rubygem-ovirt-engine-sdk-debuginfo-0:4.2.3-1.el7sat
  • tfm-rubygem-ovirt_provision_plugin-0:1.0.2-2.el7sat
  • tfm-rubygem-parse-cron-0:0.1.4-3.el7sat
  • tfm-rubygem-passenger-0:4.0.18-24.el7sat
  • tfm-rubygem-passenger-debuginfo-0:4.0.18-24.el7sat
  • tfm-rubygem-passenger-native-0:4.0.18-24.el7sat
  • tfm-rubygem-passenger-native-libs-0:4.0.18-24.el7sat
  • tfm-rubygem-pg-0:0.21.0-2.el7sat
  • tfm-rubygem-pg-debuginfo-0:0.21.0-2.el7sat
  • tfm-rubygem-polyglot-0:0.3.5-2.el7sat
  • tfm-rubygem-powerbar-0:1.0.17-2.el7sat
  • tfm-rubygem-prometheus-client-0:0.7.1-1.el7sat
  • tfm-rubygem-qpid_messaging-0:1.36.0-2.el7sat
  • tfm-rubygem-qpid_messaging-debuginfo-0:1.36.0-2.el7sat
  • tfm-rubygem-quantile-0:0.2.0-1.el7sat
  • tfm-rubygem-rabl-0:0.13.1-1.el7sat
  • tfm-rubygem-rack-jsonp-0:1.3.1-6.el7sat
  • tfm-rubygem-rails-i18n-0:5.0.4-1.el7sat
  • tfm-rubygem-rainbow-0:2.2.1-4.el7sat
  • tfm-rubygem-rbovirt-0:0.1.7-1.el7sat
  • tfm-rubygem-rbvmomi-0:1.10.0-2.el7sat
  • tfm-rubygem-record_tag_helper-0:1.0.0-1.el7sat
  • tfm-rubygem-redhat_access-0:2.1.6-2.el7sat
  • tfm-rubygem-redhat_access_lib-0:1.1.4-2.el7sat
  • tfm-rubygem-responders-0:2.4.0-1.el7sat
  • tfm-rubygem-rest-client-0:2.0.1-2.el7sat
  • tfm-rubygem-retriable-0:1.4.1-5.el7sat
  • tfm-rubygem-roadie-0:3.2.2-1.el7sat
  • tfm-rubygem-roadie-rails-0:1.2.1-1.el7sat
  • tfm-rubygem-robotex-0:1.0.0-20.el7sat
  • tfm-rubygem-ruby-libvirt-0:0.7.0-3.el7sat
  • tfm-rubygem-ruby-libvirt-debuginfo-0:0.7.0-3.el7sat
  • tfm-rubygem-ruby2ruby-0:2.4.0-1.el7sat
  • tfm-rubygem-ruby_parser-0:3.10.1-1.el7sat
  • tfm-rubygem-runcible-0:2.8.1-1.el7sat
  • tfm-rubygem-safemode-0:1.3.5-1.el7sat
  • tfm-rubygem-scoped_search-0:4.1.3-1.el7sat
  • tfm-rubygem-secure_headers-0:5.0.5-1.el7sat
  • tfm-rubygem-sequel-0:5.7.1-1.el7sat
  • tfm-rubygem-sexp_processor-0:4.10.0-4.el7sat
  • tfm-rubygem-signet-0:0.6.0-9.el7sat
  • tfm-rubygem-smart_proxy_dynflow_core-0:0.2.1-2.el7sat
  • tfm-rubygem-sshkey-0:1.9.0-2.el7sat
  • tfm-rubygem-statsd-instrument-0:2.1.4-1.el7sat
  • tfm-rubygem-trollop-0:2.1.2-2.el7sat
  • tfm-rubygem-unf-0:0.1.3-6.el7sat
  • tfm-rubygem-unf_ext-0:0.0.6-8.el7sat
  • tfm-rubygem-unf_ext-debuginfo-0:0.0.6-8.el7sat
  • tfm-rubygem-unicode-0:0.4.4.1-5.el7sat
  • tfm-rubygem-unicode-debuginfo-0:0.4.4.1-5.el7sat
  • tfm-rubygem-unicode-display_width-0:1.0.5-4.el7sat
  • tfm-rubygem-useragent-0:0.16.8-2.el7sat
  • tfm-rubygem-validates_lengths_from_database-0:0.5.0-4.el7sat
  • tfm-rubygem-webpack-rails-0:0.9.8-4.el7sat
  • tfm-rubygem-wicked-0:1.3.2-1.el7sat
  • tfm-rubygem-will_paginate-0:3.1.5-2.el7sat
  • tfm-rubygem-x-editable-rails-0:1.5.5-3.el7sat
  • tfm-runtime-0:4.0-3.el7sat
  • v8-1:3.14.5.10-19.el7sat
  • v8-debuginfo-1:3.14.5.10-19.el7sat
  • yaml-cpp-0:0.5.1-7.el7sat
  • yaml-cpp-debuginfo-0:0.5.1-7.el7sat
refmap via4
confirm https://logback.qos.ch/news.html
mlist
  • [brooklyn-dev] 20200420 [GitHub] [brooklyn-server] duncangrant opened a new pull request #1091: Update library versions due to CVEs
  • [cassandra-commits] 20191112 [jira] [Created] (CASSANDRA-15411) [9.8] [CVE-2017-5929] [Cassandra] [2.2.5]
  • [cassandra-commits] 20191112 [jira] [Updated] (CASSANDRA-15411) [9.8] [CVE-2017-5929] [Cassandra] [2.2.5]
  • [cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15421) CVE-2017-5929(QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.)
  • [cassandra-commits] 20210108 [jira] [Commented] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929
  • [cassandra-commits] 20210108 [jira] [Updated] (CASSANDRA-15421) CVE-2017-5929 in 3.11.x (QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.)
  • [cassandra-commits] 20210108 [jira] [Updated] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929
  • [cassandra-commits] 20210111 [jira] [Assigned] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929
  • [cassandra-commits] 20210111 [jira] [Commented] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929
  • [cassandra-commits] 20210111 [jira] [Updated] (CASSANDRA-15411) [9.8] [CVE-2017-5929] [Cassandra] [2.2.5]
  • [cassandra-commits] 20210111 [jira] [Updated] (CASSANDRA-15421) CVE-2017-5929 in 3.11.x (QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.)
  • [cassandra-commits] 20210111 [jira] [Updated] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929
  • [mnemonic-commits] 20201204 [mnemonic] branch master updated: MNEMONIC-553: Fix for CVE-2017-5929
  • [mnemonic-dev] 20201202 [GitHub] [mnemonic] yzz127 opened a new pull request #152: MNEMONIC-553: Fix for CVE-2017-5929
  • [mnemonic-dev] 20201204 [GitHub] [mnemonic] bigdata-memory merged pull request #152: MNEMONIC-553: Fix for CVE-2017-5929
Last major update 18-04-2022 - 17:58
Published 13-03-2017 - 06:59
Last modified 18-04-2022 - 17:58
Back to Top