Download
| Alert*
ALAS2-2018-999 --- slf4j
Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution:An XML deserialization vulnerability was discovered in slf4j#039;s EventData which accepts anXML serialized string and can lead to arbitrary code execution
|