CVE-2017-10116 - log back

CVE-2017-10116 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Privilege escalation
Description
+ It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers.
References
+ http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/73dd1557f0ef
Notes