Download
| Alert*
oval:org.secpod.oval:def:502255
The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging . Security Fix: * slf4j: Deserialisation vulnerability i ... oval:org.secpod.oval:def:204773 The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging . Security Fix: * slf4j: Deserialisation vulnerability i ... oval:org.secpod.oval:def:1700025 Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution:An XML deserialization vulnerability was discovered in slf4j#039;s EventData which accepts anXML serialized string and can lead to arbitrary code execution oval:org.secpod.oval:def:1502157 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114214 The Simple Logging Facade for Java or is intended to serve as a simple facade for various logging APIs allowing to the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging . Logging API implementations ca ... oval:org.secpod.oval:def:504992 The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging . Security Fix: * slf4j: Deserialisation vulnerability i ... oval:org.secpod.oval:def:2000411 org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. oval:org.secpod.oval:def:114211 The Simple Logging Facade for Java or is intended to serve as a simple facade for various logging APIs allowing to the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging . Logging API implementations ca ... |