SUSE CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series...

CVE-2018-8088

An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution...

Huawei EulerOS: Security Advisory for slf4j (EulerOS-SA-2018-1159)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : slf4j (openSUSE-2019-423)

This update for slf4j fixes the following security issue : - CVE-2018-8088: Remote attackers could have bypassed intended access restrictions via crafted data. Disallow EventData deserialization by default from now on bsc1085970. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

EulerOS 2.0 SP3 : slf4j (EulerOS-SA-2018-1159)

According to the versions of the slf4j package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Simple Logging Facade for Java or SLF4J is intended to serve as a simple facade for various logging APIs allowing to the end-user to plug in t...

slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution

An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution...

Amazon Linux 2 : slf4j (ALAS-2018-999)

Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution : An XML deserialization vulnerability was discovered in slf4j's EventData which accepts anXML serialized string and can lead to arbitrary code execution. CVE-2018-8088 C Tenable Network Security, Inc. T...

Important: slf4j

Issue Overview: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution: An XML deserialization vulnerability was discovered in slf4j's EventData which accepts anXML serialized string and can lead to arbitrary code execution. CVE-2018-8088 Affected Packages:...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update

Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4 and fix three security issues, several bugs, and add various enhancements are now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A...

CentOS Update for slf4j CESA-2018:0592 centos7

Check the version of slf4j SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882865";...

CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series...