RHSA-2018:0592-01 -- Redhat slf4jID: oval:org.secpod.oval:def:502255 | Date: (C)2018-03-27 (M)2024-01-02 |
Class: PATCH | Family: unix |
The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging . Security Fix: * slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Chris McCown for reporting this issue.
Platform: |
Red Hat Enterprise Linux 7 |