org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"fixed": "19.1.0.0.1"
}
],
"vendor_product": "oracle:goldengate_stream_analytics",
"source": "CPE_RANGE"
},
{
"cpes": [
"cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "12.3.2.1.0"
},
{
"last_affected": "12.3.2.1.0"
}
],
"vendor_product": "oracle:goldengate_application_adapters",
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:oracle:utilities_framework:4.3.0.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:oracle:utilities_framework:4.3.0.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:oracle:utilities_framework:4.3.0.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:oracle:utilities_framework:4.3.0.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:oracle:utilities_framework:4.3.0.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "4.2.0.2.0"
},
{
"last_affected": "4.2.0.2.0"
},
{
"introduced": "4.2.0.3.0"
},
{
"last_affected": "4.2.0.3.0"
},
{
"introduced": "4.3.0.2.0"
},
{
"last_affected": "4.3.0.2.0"
},
{
"introduced": "4.3.0.3.0"
},
{
"last_affected": "4.3.0.3.0"
},
{
"introduced": "4.3.0.4.0"
},
{
"last_affected": "4.3.0.4.0"
},
{
"introduced": "4.3.0.5.0"
},
{
"last_affected": "4.3.0.5.0"
},
{
"introduced": "4.3.0.6.0"
},
{
"last_affected": "4.3.0.6.0"
},
{
"introduced": "4.4.0.0.0"
},
{
"last_affected": "4.4.0.0.0"
}
],
"vendor_product": "oracle:utilities_framework",
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"
],
"vendor_product": "redhat:enterprise_linux_desktop",
"extracted_events": [
{
"introduced": "7.0"
},
{
"last_affected": "7.0"
}
],
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"
],
"vendor_product": "redhat:enterprise_linux_eus",
"extracted_events": [
{
"introduced": "7.4"
},
{
"last_affected": "7.4"
},
{
"introduced": "7.5"
},
{
"last_affected": "7.5"
},
{
"introduced": "7.6"
},
{
"last_affected": "7.6"
},
{
"introduced": "7.7"
},
{
"last_affected": "7.7"
}
],
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "7.0"
},
{
"last_affected": "7.0"
}
],
"vendor_product": "redhat:enterprise_linux_server",
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"
],
"vendor_product": "redhat:enterprise_linux_server_aus",
"extracted_events": [
{
"introduced": "7.4"
},
{
"last_affected": "7.4"
},
{
"introduced": "7.6"
},
{
"last_affected": "7.6"
},
{
"introduced": "7.7"
},
{
"last_affected": "7.7"
}
],
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "7.4"
},
{
"last_affected": "7.4"
},
{
"introduced": "7.6"
},
{
"last_affected": "7.6"
},
{
"introduced": "7.7"
},
{
"last_affected": "7.7"
}
],
"vendor_product": "redhat:enterprise_linux_server_tus",
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "7.0"
},
{
"last_affected": "7.0"
}
],
"vendor_product": "redhat:enterprise_linux_workstation",
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "7.1"
},
{
"last_affected": "7.1"
},
{
"introduced": "6.0.0"
},
{
"last_affected": "6.0.0"
},
{
"introduced": "6.4.0"
},
{
"last_affected": "6.4.0"
}
],
"vendor_product": "redhat:jboss_enterprise_application_platform",
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "4.0"
},
{
"last_affected": "4.0"
}
],
"vendor_product": "redhat:virtualization",
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*"
],
"vendor_product": "redhat:virtualization_host",
"extracted_events": [
{
"introduced": "4.0"
},
{
"last_affected": "4.0"
}
],
"source": "CPE_STRING"
}
]
}{
"cpe": [
"cpe:2.3:a:qos:slf4j:*:*:*:*:*:*:*:*",
"cpe:2.3:a:qos:slf4j:1.8.0:alpha1:*:*:*:*:*:*",
"cpe:2.3:a:qos:slf4j:1.8.0:alpha2:*:*:*:*:*:*",
"cpe:2.3:a:qos:slf4j:1.8.0:beta1:*:*:*:*:*:*",
"cpe:2.3:a:qos:slf4j:1.8.0:beta2:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.7.26"
},
{
"introduced": "1.8.0-alpha1"
},
{
"last_affected": "1.8.0-alpha1"
},
{
"introduced": "1.8.0-alpha2"
},
{
"last_affected": "1.8.0-alpha2"
},
{
"introduced": "1.8.0-beta1"
},
{
"last_affected": "1.8.0-beta1"
},
{
"introduced": "1.8.0-beta2"
},
{
"last_affected": "1.8.0-beta2"
}
],
"source": [
"CPE_RANGE",
"CPE_STRING",
"REFERENCES"
]
}