Back to bug 1897154
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2020-11-12 13:03:33 UTC | Depends On | 1897155 | |
| Guilherme de Almeida Suckevicz | 2020-11-12 13:38:02 UTC | Blocks | 1897164 | |
| Przemyslaw Roguski | 2020-11-13 14:43:11 UTC | CC | hvyas | |
| Fixed In Version | grpc 1.24.4 | |||
| Przemyslaw Roguski | 2020-11-13 15:06:10 UTC | CC | hvyas | |
| Przemyslaw Roguski | 2020-11-13 15:41:21 UTC | Fixed In Version | grpc 1.24.4 | nodejs-grpc 1.24.4 |
| Summary | CVE-2020-7768 grpc: Prototype Pollution via loadPackageDefinition | CVE-2020-7768 nodejs-grpc: Prototype Pollution via loadPackageDefinition | ||
| Doran Moppert | 2020-11-18 08:02:29 UTC | CC | gghezzo, gparvin, jramanat, jweiser, stcannon, thee | |
| Product Security DevOps Team | 2020-11-18 11:28:42 UTC | Status | NEW | CLOSED |
| Resolution | --- | NOTABUG | ||
| Last Closed | 2020-11-18 11:28:42 UTC | |||
| Huzaifa S. Sidhpurwala | 2020-12-24 07:43:31 UTC | CC | rhel8-maint | |
| Huzaifa S. Sidhpurwala | 2020-12-24 09:22:12 UTC | Depends On | 1910525 | |
| Tomas Hoger | 2021-01-04 15:27:20 UTC | CC | rhel8-maint | |
| RaTasha Tillery-Smith | 2021-06-08 15:06:07 UTC | Doc Text | A flaw was found in nodejs-grpc, where the package @grpc/grpc-js is vulnerable to Prototype Pollution via the loadPackageDefinition. The highest threat from this vulnerability is to system availability. |
Back to bug 1897154