CVE-2017-10110 - log back

CVE-2017-10110 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ It was discovered that the implementation of the ImageWatched class in the AWT component of OpenJDK failed to properly perform access control checks. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.
References
+ http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/78a83e6e0fe8
Notes