2 matches found
at.newmedialab.ldpath:ldpath-api (>=0.9.12 <=0.9.13), at.newmedialab.ldpath:ldpath-backend-jena (>=0.9.12 <=0.9.13) +1790 more potentially affected by CVE-2018-8088 via org.slf4j:slf4j-ext (>=1.0-alpha0 <=1.7.25)
org.slf4j:slf4j-ext MAVEN version =1.0-alpha0, =0.9.12, =0.9.12, =0.9.12, =0.9.12, =0.9.11, =0.9.12, =0.1-1, =2.3.0, =2.3.1 and more Source cves: CVE-2018-8088 Source advisory: OSV:GHSA-W77P-8CFG-2X43...
jackson-databind: arbitrary code execution in slf4j-ext class
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...