org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
27 Dec 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:01
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
31 Jan 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
Summary | org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series. | |
References |
|
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Aug 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Jul 2021, 06:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Mar 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Mar 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
27 Mar 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References |
|
|
References |
|
|
References |
|
25 Mar 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
02 Feb 2021, 17:27
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - Patch, Third Party Advisory | |
CPE | cpe:2.3:a:qos:slf4j:1.8.0:beta2:*:*:*:*:*:* |
29 Jan 2021, 01:14
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2020.html - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/rfe52b7cbba4dcba521e13130e5d28d5818b78d70db0af1b470fa0264@%3Ccommon-issues.hadoop.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/reb3eeb985afdead17fadb7c33d5d472c1015a85ea5c9b038ec77f378@%3Ccommon-dev.hadoop.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/rd86db9679150e9297b5c0fcb6f0e80a8b81b54fcf423de5a914bca78@%3Ccommon-commits.hadoop.apache.org%3E - Mailing List, Patch, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r9584c4304c888f651d214341a939bd264ed30c9e3d0d30fe85097ecf@%3Ccommits.pulsar.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r1660c72a660f0522947ca6ce329dcc74e1ee20c58bbe208472754489@%3Ccommon-issues.hadoop.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r81711cde77c2c5742b7b8533c978e79771b700af0ef4d3149d70df25@%3Cnotifications.logging.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpujul2020.html - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:3140 - Third Party Advisory | |
References | (MISC) https://github.com/qos-ch/slf4j/commit/d2b27fba88e983f921558da27fc29b5f5d269405 - Patch, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2413 - Third Party Advisory | |
References | (MISC) https://jira.qos.ch/browse/SLF4J-430 - Issue Tracking, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/raabf1a00b2652575fca9fcb44166a828a0cab97a7d1594001eabc991@%3Ccommon-issues.hadoop.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/re6fb6b0de9d679310437ff87fc94e39da5a14dce9c73864a41837462@%3Ccommon-commits.hadoop.apache.org%3E - Mailing List, Patch, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r767861f053c15f9e9201b939a0d508dd58475a072e76135eaaca17f0@%3Ccommon-issues.hadoop.apache.org%3E - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:a:slf4j:slf4j-ext:1.8.0:beta0:*:*:*:*:*:* |
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* |
28 Jan 2021, 22:05
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:slf4j:slf4j-ext:1.8.0:beta1:*:*:*:*:*:* cpe:2.3:a:slf4j:slf4j-ext:1.8.0:alpha2:*:*:*:*:*:* cpe:2.3:a:slf4j:slf4j-ext:1.8.0:alpha1:*:*:*:*:*:* |
cpe:2.3:a:qos:slf4j:1.8.0:alpha1:*:*:*:*:*:* cpe:2.3:a:qos:slf4j:1.8.0:beta1:*:*:*:*:*:* cpe:2.3:a:qos:slf4j:1.8.0:alpha2:*:*:*:*:*:* cpe:2.3:a:qos:slf4j:*:*:*:*:*:*:*:* |
27 Jan 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2018-03-20 16:29
Updated : 2023-12-27 15:15
NVD link : CVE-2018-8088
Mitre link : CVE-2018-8088
CVE.ORG link : CVE-2018-8088
JSON object : View
Products Affected
oracle
- utilities_framework
- goldengate_stream_analytics
- goldengate_application_adapters
redhat
- enterprise_linux
- enterprise_linux_server_aus
- enterprise_linux_server_tus
- enterprise_linux_server
- enterprise_linux_workstation
- jboss_enterprise_application_platform
- enterprise_linux_desktop
- enterprise_linux_eus
- virtualization_host
- virtualization
qos
- slf4j
CWE