---

CVE-2017-10116 - log back

CVE-2017-10116 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Privilege escalation
Description	+ It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers.
References	+ http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/73dd1557f0ef
Notes