Back to bug 2093111
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Todd Cullum | 2022-06-02 23:43:44 UTC | CC | bmontgom, eparis, grafana-maint, jburrell, jhadvig, jokerman, jwendell, link, nstielau, ovanders, rcernich, sponnaga | |
| Avinash Hanwate | 2022-06-03 05:37:53 UTC | Depends On | 2093141 | |
| Sandipan Roy | 2022-06-14 04:28:27 UTC | CC | vkumar | |
| Sandipan Roy | 2022-06-14 04:35:19 UTC | Depends On | 2096503, 2096504 | |
| Sandipan Roy | 2022-06-14 04:37:00 UTC | Depends On | 2096506, 2096505 | |
| Sandipan Roy | 2022-07-01 06:25:18 UTC | Doc Text | A security vulnerability found in protobufjs. In this is vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways, first by providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption functions, and secondly, it can be done by parsing/loading .proto files | |
| Sandipan Roy | 2022-07-01 06:25:40 UTC | Doc Text | A security vulnerability found in protobufjs. In this is vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways, first by providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption functions, and secondly, it can be done by parsing/loading .proto files | A security vulnerability found in protobufjs. In this is vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways, first by providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption functions, and secondly, it can be done by parsing/loading .proto files. |
| RaTasha Tillery-Smith | 2022-07-01 12:12:06 UTC | Doc Text | A security vulnerability found in protobufjs. In this is vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways, first by providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption functions, and secondly, it can be done by parsing/loading .proto files. | A flaw was found in protobufjs, where it is vulnerable to Prototype Pollution, allowing an attacker to add/modify properties of the Object.prototype. This vulnerability can occur by providing untrusted user input to the util.setProperty or to the ReflectionObject.setParsedOption functions, and also by parsing/loading .proto files. |
| Red Hat Bugzilla | 2023-02-03 23:11:27 UTC | CC | ovanders | |
| Red Hat Bugzilla | 2023-07-07 08:35:12 UTC | Assignee | security-response-team | nobody |
Back to bug 2093111