CVE-2017-5929 — Vulnetix

Try Vulnetix Request Demo

CVE-2017-5929 PUBLISHED

QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.

EPSS 10.14% · 93.1th percentile

Risk Scores

EPSS Score

10.14%

93.1th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:Pro:16.04:LTS	logback	0, 1:1.1.3-2, 1:1.1.3-2ubuntu0.1~esm1

Timeline

CVE Published
Oct 8, 2019 PoC Published
Apr 14, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Oct 18, 2022 PoC Published
Mar 7, 2023 EPSS Score
Mar 17, 2025 EPSS Score
Mar 19, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Mar 30, 2025 EPSS Score
May 1, 2025 EPSS Score
May 11, 2025 EPSS Score

References

https://ubuntu.com/security/CVE-2017-5929 third-party-advisory
https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8 third-party-advisory
https://github.com/qos-ch/logback/commit/979b042cb1f0b4c1e5869ccc8912e68c39f769f9 third-party-advisory
https://github.com/qos-ch/logback/commit/7fbea6127fa98fc48368ca5e8540eefe0e60cec5 third-party-advisory
https://github.com/qos-ch/logback/commit/3b4f605454534b304770eeee3cb343521fcd6968 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2017-5929 third-party-advisory
Multiples vulnérabilités dans les produits Juniper advisory

Open in Interactive Console →