VDB

RHSA-2018%3A1323

RHSA-2018%3A1323 PUBLISHED CVSS 8.100000381469727 HIGH

An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.

Risk Scores

CVSS 3.0
8.100000381469727
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Red HatRed Hat Single Sign-On 7.2.2 zip

Timeline

  • May 4, 2018 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
  • May 14, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›