CNNVD-202601-3841 Information
Jan 22, 2026
cve
CNNVD ID
CNNVD-202601-3841
Related CVE
- CNNVD Published: 2026-01-22
Description (Chinese)
logback-core是QOS.CH开源的一个日志框架的核心模块。 logback-core 1.5.24及之前版本存在安全漏洞,该漏洞源于配置文件处理不当,可能导致攻击者通过篡改现有logback配置文件实例化类路径上的类。
Description (English)
Logback-core is the core module of a log frame open to QOS.CH. There is a security loophole in the logback-core 1.5.24 and earlier versions, which stems from the mishandling of the configuration file and may lead the assailant to tamper with the exemplifying category of the existing logback profile.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
QOS.CH
Published
2026-01-22
Last Modified
2026-02-24
References
https://logback.qos.ch/news.html#1.5.25
Patch
https://logback.qos.ch/news.html
Share on: