1. Logback Java Library Exposed to SSRF via XML Configuration Tampering (CVE-2024-12801)
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the widely used Logback logging library for Java, exposing applications to potential internal network probing and request forgery attacks. The flaw, tracked as CVE-2024-12801 and rated medium severity, resides in the `SaxEventRecorder` compo...