[Forgot Password]
Login  Register Subscribe

25354

 
 

132804

 
 

134312

 
 

909

 
 

108836

 
 

152

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2-2018-999 --- slf4j

ID: oval:org.secpod.oval:def:1700025Date: (C)2018-04-23   (M)2019-10-28
Class: PATCHFamily: unix




Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution:An XML deserialization vulnerability was discovered in slf4j's EventData which accepts anXML serialized string and can lead to arbitrary code execution

Platform:
Amazon Linux 2
Product:
slf4j
Reference:
ALAS-2018-999
CVE-2018-8088
CVE    1
CVE-2018-8088
CPE    2
cpe:/a:slf4j:slf4j
cpe:/o:amazon:linux:2

© SecPod Technologies