SLF4J / SLF4J-506 [Open] org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. ============================== Here's what changed in this issue in the last few minutes. This issue has been created This issue is now assigned to you. View or comment on issue using this link https://jira.qos.ch/browse/SLF4J-506 ============================== Issue created ------------------------------ Simon Mulser created this issue on 02/Feb/21 9:30 AM Summary: org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. Issue Type: Bug Affects Versions: 1.7.30 Assignee: SLF4J developers list Components: slf4j-ext Created: 02/Feb/21 9:30 AM Environment: https://nvd.nist.gov/vuln/detail/CVE-2018-8088 Priority: Major Reporter: Simon Mulser External issue URL: https://nvd.nist.gov/vuln/detail/CVE-2018-8088 Severity: major ============================== This message was sent by Atlassian Jira (v8.8.0#808000-sha1:e2c7e59)