Back to bug 2129809
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2022-09-26 10:23:51 UTC | Depends On | 2129810 | |
| Product Security DevOps Team | 2022-11-28 03:25:23 UTC | Resolution | --- | UPSTREAM |
| Status | NEW | CLOSED | ||
| Last Closed | 2022-11-28 03:25:23 UTC | |||
| Chess Hazlett | 2023-05-11 16:22:29 UTC | Blocks | 2203255 | |
| Chess Hazlett | 2023-05-11 16:34:43 UTC | Priority | low | high |
| CC | aileenc, asoldano, bbaranow, bmaxwell, brian.stansberry, cdewolf, chazlett, darran.lofthouse, dkreling, dosoudil, fjuma, gmalinko, ivassile, iweiss, janstey, jpavlik, jross, jscholz, lgao, mokumar, mosmerov, msochure, msvehla, nwallace, pdelbell, pjindal, pmackay, rstancel, smaestri, swoodman, tom.jenkinson | |||
| Severity | low | high | ||
| errata-xmlrpc | 2023-05-18 09:54:20 UTC | Link ID | Red Hat Product Errata RHSA-2023:3223 | |
| Chess Hazlett | 2023-08-17 15:43:53 UTC | Doc Text | Scala's LazyList was found to permit code execution during deserialization. An attacker could use this flaw to craft a LazyList containing a malicious Function0 call and execute arbitrary code, or other possible attacks, on a server that deserializes untrusted data. | |
| Paige Jung | 2023-08-17 18:29:36 UTC | Doc Text | Scala's LazyList was found to permit code execution during deserialization. An attacker could use this flaw to craft a LazyList containing a malicious Function0 call and execute arbitrary code, or other possible attacks, on a server that deserializes untrusted data. | A flaw was found in Scala's LazyList that permits code execution during deserialization. This issue could allow an attacker to craft a LazyList containing a malicious Function0 call to execute arbitrary code on a server that deserializes untrusted data. |
Back to bug 2129809