Back to bug 2034914

Who When What Removed Added
Guilherme de Almeida Suckevicz 2021-12-22 13:37:06 UTC Blocks 2034915
Hardik Vyas 2021-12-27 13:49:54 UTC CC amctagga, etamir, godas, hchiramm, jrivera, madam, nbecker, ocs-bugs, sabose, sostapov, tnielsen
Hardik Vyas 2021-12-27 13:51:48 UTC Fixed In Version vault 1.7.7, vault 1.8.6, vault 1.9.1
CC gparvin, jramanat, njean, pahickey, stcannon
Hardik Vyas 2021-12-28 14:04:00 UTC Doc Text A denial of service attack was discovered against vault. For clusters using the Integrated Storage (Raft) backend, an authenticated user with write permissions to the KV secrets engine can cause a panic and Denial of Service of the storage backend, by supplying a key larger than 32KB.
Eric Christensen 2022-01-05 19:21:48 UTC Doc Text A denial of service attack was discovered against vault. For clusters using the Integrated Storage (Raft) backend, an authenticated user with write permissions to the KV secrets engine can cause a panic and Denial of Service of the storage backend, by supplying a key larger than 32KB. A denial of service attack was discovered against vault. For clusters using the Integrated Storage (Raft) backend, an authenticated user with write permissions to the KV secrets engine can cause a panic leading to a denial of service of the storage backend, by supplying a key larger than 32KB.
Red Hat Bugzilla 2022-08-05 19:08:46 UTC CC sabose
Red Hat Bugzilla 2022-12-31 20:04:28 UTC CC hchiramm
Red Hat Bugzilla 2023-01-01 05:32:34 UTC CC amctagga
Red Hat Bugzilla 2023-01-01 07:22:55 UTC CC tnielsen
Red Hat Bugzilla 2023-01-01 08:43:05 UTC CC sostapov
Alasdair Kergon 2023-01-04 04:55:31 UTC CC hchiramm
Alasdair Kergon 2023-01-04 05:43:50 UTC CC sostapov
Alasdair Kergon 2023-01-04 05:49:38 UTC CC tnielsen
Red Hat Bugzilla 2023-01-16 08:27:22 UTC CC jrivera
Red Hat Bugzilla 2023-01-31 22:27:02 UTC CC nbecker
Red Hat Bugzilla 2023-01-31 22:27:58 UTC CC etamir
Red Hat Bugzilla 2023-01-31 23:37:31 UTC CC madam
Red Hat Bugzilla 2023-02-08 00:54:38 UTC CC hchiramm
Avinash Hanwate 2023-02-13 14:53:56 UTC CC amctagga, etamir, hchiramm, jcantril, jrivera, madam, nbecker, periklis
Red Hat Bugzilla 2023-07-07 08:34:25 UTC Assignee security-response-team nobody
Red Hat Bugzilla 2023-08-03 08:30:05 UTC CC ocs-bugs

Back to bug 2034914