Azure Linux 3.0 Security Update: slf4j (CVE-2012-6708)

The version of slf4j installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2012-6708 advisory. - jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not...

Azure Linux 3.0 Security Update: slf4j (CVE-2015-9251)

The version of slf4j installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-9251 advisory. - jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is...

MiracleLinux 7 : slf4j-1.7.4-4.el7 (AXSA:2018-2646:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2646:01 advisory. slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution CVE-2018-8088 Tenable has extracted the preceding...

Malicious code in jcl-over-slf4j (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6765b8e788daac3b9fcad973360085b07eb23632ecc6e6a30030682e006ff607 Any computer that has this package installed or running should be considered...

MAL-2025-6100 Malicious code in jcl-over-slf4j (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6765b8e788daac3b9fcad973360085b07eb23632ecc6e6a30030682e006ff607 Any computer that has this package installed or running should be considered...

MAL-2025-6125 Malicious code in slf4j-api (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7ccd4cc3b9a566cde097a25dda1efca4dc2bc70d632e77b01f3e21128e03356 Any computer that has this package installed or running should be considered...

Malicious code in slf4j-api (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7ccd4cc3b9a566cde097a25dda1efca4dc2bc70d632e77b01f3e21128e03356 Any computer that has this package installed or running should be considered...

Malicious code in slf4j-api-js (npm)

This package runs a post-install script that exfils sensitive data to a attacker-controlled server. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3bf0cf1724507eaf1d28ec976793772cc682047cc52a74438224fb96d61884b Any computer that has this package installed or runni...

MAL-2025-3543 Malicious code in slf4j-api-js (npm)

This package runs a post-install script that exfils sensitive data to a attacker-controlled server. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3bf0cf1724507eaf1d28ec976793772cc682047cc52a74438224fb96d61884b Any computer that has this package installed or runni...

Linux Distros Unpatched Vulnerability : CVE-2018-8088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted...

RHSA-2018:0582 Red Hat Security Advisory: rh-maven35-slf4j security update

Bulletin has no description...

RHSA-2018:0592 Red Hat Security Advisory: slf4j security update

Bulletin has no description...

CVE-2012-6708 affecting package slf4j for versions less than 2.0.7-1

CVE-2012-6708 affecting package slf4j for versions less than 2.0.7-1. An upgraded version of the package is available that resolves this issue...

CVE-2015-9251 affecting package slf4j for versions less than 2.0.7-1

CVE-2015-9251 affecting package slf4j for versions less than 2.0.7-1. An upgraded version of the package is available that resolves this issue...

OPENSUSE-SU-2024:11386-1 jcl-over-slf4j-1.7.30-2.5 on GA media

These are all security issues fixed in the jcl-over-slf4j-1.7.30-2.5 package on the GA media of openSUSE Tumbleweed...

RHEL 6 : slf4j (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution CVE-2018-8088...

RHEL 7 : rh-maven35-slf4j (RHSA-2018:0582)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0582 advisory. The Simple Logging Facade for Java or SLF4J is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation a...

Fedora: Security Advisory for slf4j (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: slf4j-1.7.32-12.fc40

The Simple Logging Facade for Java or SLF4J is intended to serve as a simple facade for various logging APIs allowing to the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging JCL. Logging API...

maven bug fix and enhancement update

An update is available for plexus-interpolation, httpcomponents-core, maven-wagon, maven, google-guice, jsoup, jansi, apache-commons-io, apache-commons-lang3, maven-shared-utils, plexus-utils, plexus-classworlds, jakarta-annotations, httpcomponents-client, apache-commons-codec, plexus-cipher,...