---

CVE-2017-10089 - log back

CVE-2017-10089 created at 25 Sep 2019 19:31:40
Severity	+ Critical
Remote	+ Remote
Type	+ Access restriction bypass
Description	+ It was discovered that the implementation of the ServiceRegistry class in the ImageIO component of OpenJDK failed to properly perform access control checks. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.
References	+ http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/d7bd49ad8f0a
Notes