Qoschsarl Logback Core
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Qoschsarl Logback Core.
By the Year
In 2026 there have been 0 vulnerabilities in Qoschsarl Logback Core. Last year, in 2025 Logback Core had 1 security vulnerability published. Right now, Logback Core is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 0.00 |
It may take a day or so for new Logback Core vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Qoschsarl Logback Core Security Vulnerabilities
Logback-core 1.5.18 ACE via Env. Var. Config Arbitrary Code Exec
CVE-2025-11226
- October 01, 2025
ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program execution. A successful attack requires the presence of Janino library and Spring Framework to be present on the user's class path. In addition, the attacker must have write access to a configuration file. Alternatively, the attacker could inject a malicious environment variable pointing to a malicious configuration file. In both cases, the attack requires existing privilege.
Improper Input Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Qoschsarl Logback Core or by Qoschsarl? Click the Watch button to subscribe.
