CVE-2018-8088
20.03.2018, 16:29
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.Enginsight
| Vendor | Product | Version |
|---|---|---|
| qos | slf4j | 𝑥 < 1.7.26 |
| qos | slf4j | 1.8.0:alpha1 |
| qos | slf4j | 1.8.0:alpha2 |
| qos | slf4j | 1.8.0:beta1 |
| qos | slf4j | 1.8.0:beta2 |
| redhat | jboss_enterprise_application_platform | 7.1 |
| redhat | jboss_enterprise_application_platform | 6.0.0 |
| redhat | jboss_enterprise_application_platform | 6.4.0 |
| redhat | virtualization | 4.0 |
| redhat | virtualization_host | 4.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_eus | 7.4 |
| redhat | enterprise_linux_eus | 7.5 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_server_tus | 7.4 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.7 |
| redhat | enterprise_linux_workstation | 7.0 |
| oracle | goldengate_application_adapters | 12.3.2.1.0 |
| oracle | goldengate_stream_analytics | 𝑥 < 19.1.0.0.1 |
| oracle | utilities_framework | 4.2.0.2.0 |
| oracle | utilities_framework | 4.2.0.3.0 |
| oracle | utilities_framework | 4.3.0.2.0 |
| oracle | utilities_framework | 4.3.0.3.0 |
| oracle | utilities_framework | 4.3.0.4.0 |
| oracle | utilities_framework | 4.3.0.5.0 |
| oracle | utilities_framework | 4.3.0.6.0 |
| oracle | utilities_framework | 4.4.0.0.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References