Back to bug 1997772
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2021-08-25 19:03:17 UTC | Depends On | 1997773 | |
| Guilherme de Almeida Suckevicz | 2021-08-25 20:08:47 UTC | Blocks | 1997804 | |
| Przemyslaw Roguski | 2021-08-26 08:19:58 UTC | Fixed In Version | xstream 1.4.18 | |
| RaTasha Tillery-Smith | 2021-08-26 15:46:14 UTC | Doc Text | A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |
| Garrett Tucker | 2021-08-27 19:22:40 UTC | Depends On | 1998633 | |
| Red Hat Bugzilla | 2021-10-15 11:52:25 UTC | CC | kconner | |
| Tomas Hoger | 2021-10-20 21:14:10 UTC | Summary | CVE-2021-39144 xstream: vulnerable to a remote command execution attack | CVE-2021-39144 xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.* |
| errata-xmlrpc | 2021-10-25 06:50:55 UTC | Link ID | Red Hat Product Errata RHSA-2021:3956 | |
| Product Security DevOps Team | 2021-10-25 14:08:25 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2021-10-25 14:08:25 UTC | |||
| errata-xmlrpc | 2021-11-23 10:36:04 UTC | Link ID | Red Hat Product Errata RHSA-2021:4767 | |
| errata-xmlrpc | 2021-12-02 16:18:35 UTC | Link ID | Red Hat Product Errata RHSA-2021:4918 | |
| errata-xmlrpc | 2022-01-26 15:53:36 UTC | Link ID | Red Hat Product Errata RHSA-2022:0296 | |
| errata-xmlrpc | 2022-01-26 16:57:40 UTC | Link ID | Red Hat Product Errata RHSA-2022:0297 | |
| errata-xmlrpc | 2022-02-14 13:07:16 UTC | Link ID | Red Hat Product Errata RHSA-2022:0520 | |
| Chess Hazlett | 2023-03-10 20:01:01 UTC | CC | boliveir, pdrozd, pskopek, rjohnson, sthorger | |
| Yogesh Mittal | 2023-03-13 05:30:45 UTC | CC | ymittal | |
| RaTasha Tillery-Smith | 2023-03-13 14:47:30 UTC | Doc Text | A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. |
| Chess Hazlett | 2023-03-16 20:28:18 UTC | CC | avibelli, bgeorges, dkreling, jcantril, lthon, peholase, periklis, pgallagh, rruss | |
| errata-xmlrpc | 2023-03-17 16:41:09 UTC | Link ID | Red Hat Product Errata RHSA-2023:1303 | |
| Chess Hazlett | 2023-03-17 18:37:44 UTC | CC | asoldano, bbaranow, bmaxwell, brian.stansberry, cdewolf, clement.escoffier, dandread, darran.lofthouse, dosoudil, ellin, eric.wittmann, fjuma, gsmet, hamadhan, ivassile, iweiss, jmartisk, jpavlik, jpechane, jpoth, lgao, max.andersen, mokumar, mosmerov, msochure, msvehla, pmackay, probinso, rkieley, rstancel, rsvoboda, sbiarozk, scorneli, sdouglas, shbose, smaestri, tom.jenkinson, yfang | |
| errata-xmlrpc | 2023-06-27 18:53:53 UTC | Link ID | Red Hat Product Errata RHSA-2023:3892 |
Back to bug 1997772