Back to bug 2215162
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Michael Kaplan | 2023-06-14 22:32:41 UTC | Blocks | 2215163 | |
| Patrick Del Bello | 2023-06-16 21:19:46 UTC | Doc Text | A flaw was found under JSON-IO. This flaw allows malicious user to use a especial crafted object that uses cyclic dependencies to cause a denial of service. Note the ending malicious user must have permissions to either send or input the malicious JSON string. | |
| Fixed In Version | json-io 4.14.0 | |||
| Red Hat Bugzilla | 2023-07-07 08:34:07 UTC | Assignee | security-response-team | nobody |
| Patrick Del Bello | 2023-08-10 11:44:47 UTC | Alias | TRIAGE-CVE-2023-34610 | CVE-2023-34610 |
| Summary | TRIAGE-CVE-2023-34610 json-io: cyclic dependencies in a crafted object could result in Dos | CVE-2023-34610 TRIAGE-CVE-2023-34610 json-io: cyclic dependencies in a crafted object could result in Dos | ||
| Patrick Del Bello | 2023-08-10 12:31:34 UTC | Summary | CVE-2023-34610 TRIAGE-CVE-2023-34610 json-io: cyclic dependencies in a crafted object could result in Dos | CVE-2023-34610 json-io: cyclic dependencies in a crafted object could result in Dos |
| Paige Jung | 2023-08-10 16:19:05 UTC | Doc Text | A flaw was found under JSON-IO. This flaw allows malicious user to use a especial crafted object that uses cyclic dependencies to cause a denial of service. Note the ending malicious user must have permissions to either send or input the malicious JSON string. | A flaw was found in JSON-IO. This issue may allow a malicious user to use a specially crafted object using cyclic dependencies to cause a denial of service. The malicious user must have permissions to either send or input the malicious JSON string. |
| Patrick Del Bello | 2023-08-11 12:13:37 UTC | Severity | medium | high |
| Doc Text | A flaw was found in JSON-IO. This issue may allow a malicious user to use a specially crafted object using cyclic dependencies to cause a denial of service. The malicious user must have permissions to either send or input the malicious JSON string. | A flaw was found in JSON-IO. This issue may allow a malicious user to use a specially crafted object using cyclic dependencies to cause a denial of service. | ||
| Priority | medium | high |
Back to bug 2215162