[slf4j-dev] [JIRA] Updates for SLF4J-506: org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data.

QOS.CH (JIRA) noreply-jira at qos.ch
Tue Feb 2 09:43:00 CET 2021


SLF4J / SLF4J-506 [Open]
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data.

==============================

Here's what changed in this issue in the last few minutes.
This issue has been created
This issue is now assigned to you.

View or comment on issue using this link
https://jira.qos.ch/browse/SLF4J-506

==============================
 Issue created
------------------------------

Simon Mulser created this issue on 02/Feb/21 9:30 AM
Summary:              org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data.
Issue Type:           Bug
Affects Versions:     1.7.30
Assignee:             SLF4J developers list
Components:           slf4j-ext
Created:              02/Feb/21 9:30 AM
Environment:          https://nvd.nist.gov/vuln/detail/CVE-2018-8088
Priority:             Major
Reporter:             Simon Mulser
External issue URL:   https://nvd.nist.gov/vuln/detail/CVE-2018-8088
Severity:             major


==============================
 This message was sent by Atlassian Jira (v8.8.0#808000-sha1:e2c7e59)



More information about the slf4j-dev mailing list