[Aikido] Fix 1 security issue in logback-core, logback-classic by aikido-autofix[bot] · Pull Request #8 · b-social/typeset.logback

aikido-autofix · 2026-02-01T23:41:46Z

Targeted updates to remediate security findings while preserving existing behavior

Upgrade logback dependencies to mitigate remote code execution vulnerability in XML configuration parsing when Janino and Spring are present

✅ 1 CVE resolved by this upgrade

This PR will resolve the following CVEs:

Issue	Severity	Description
AIKIDO-2025-10694	MEDIUM	A remote code execution vulnerability in logback configuration parsing allows arbitrary code execution when Janino and Spring are present, if an attacker can modify config files or set malicious environment variables.

fix(security): update dependencies

0d60d0f

aikido-autofix bot added the Kroo Label created by Aikido AutoFix label Feb 1, 2026

Provide feedback