Back to bug 2004547
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2021-09-15 14:31:02 UTC | Depends On | 2004548, 2004549 | |
| Marian Rehak | 2021-09-15 14:31:18 UTC | Blocks | 2004550 | |
| Product Security DevOps Team | 2021-10-05 12:21:17 UTC | Status | NEW | CLOSED |
| Resolution | --- | NOTABUG | ||
| Last Closed | 2021-10-05 12:21:17 UTC | |||
| Jens Petersen | 2022-04-02 14:27:20 UTC | Flags | needinfo?(mrehak) | |
| Marian Rehak | 2022-04-13 08:37:23 UTC | Flags | needinfo?(mrehak) | |
| Guilherme de Almeida Suckevicz | 2022-09-27 17:40:51 UTC | CC | gsuckevi | |
| Mauro Matteo Cascella | 2022-09-28 08:08:13 UTC | Flags | needinfo?(petersen) | |
| Fraser Tweedale | 2022-09-28 09:47:01 UTC | CC | ftweedal | |
| Jens Petersen | 2022-09-28 12:53:57 UTC | Flags | needinfo?(petersen) | |
| Fraser Tweedale | 2022-10-05 23:33:10 UTC | Status | CLOSED | NEW |
| Resolution | NOTABUG | --- | ||
| Keywords | Reopened | |||
| Mauro Matteo Cascella | 2022-10-07 20:30:51 UTC | Alias | CVE-2022-3433 | |
| Summary | ghc-aeson: untrusted input leads to hash collisions and to DoS | CVE-2022-3433 ghc-aeson: untrusted JSON input leads to hash collisions and DoS | ||
| Mauro Matteo Cascella | 2022-10-07 20:31:53 UTC | Depends On | 2133096 | |
| Mauro Matteo Cascella | 2022-10-07 20:40:27 UTC | Doc Text | The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service. | |
| Fixed In Version | aeson 2.0.1.0 | |||
| Red Hat Bugzilla | 2023-07-07 08:30:12 UTC | Assignee | security-response-team | nobody |
Back to bug 2004547