CVE-2023-6481 - Denial of Service (DoS)

Severity: None2024-02-19

Abstract

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

The Oxygen products incorporate logback as a third-party libraries. This advisory was opened to address the potential impact of this third-party libraries vulnerability.

Affected Products/Versions

Product	Severity	Fixed Release Availability
Oxygen Content Fusion v6.0 and older	None	N/A
Oxygen Feedback v4.0 and older	None	Oxygen Feedback 4.1 build 2024013118

Mitigation

None

Detail

CVE-2023-6481

Severity: High

CVSS Score: 7.5

The logback third-party libraries used by Oxygen XML products are an affected version mentioned in CVE-2023-6481 vulnerability description. However, Oxygen XML products do not use receiver component part of logback. For that reason, Oxygen XML products are not affected by this vulnerability.

List of Security Advisories

Oxygen XML Editor
Starting from
Academic $6/month
Personal $240
Business $942

Video Tutorials

Upcoming Events

Balisage: The Markup Conference 2024

CVE-2023-6481 - Denial of Service (DoS)

Abstract

Affected Products/Versions

Mitigation

Detail

Products

Features

Shop

Resources

Support

Company