Back to bug 2215393

Who	When	What	Removed	Added
Guilherme de Almeida Suckevicz	2023-06-15 19:31:27 UTC	CC		aileenc, bbuckingham, bcourt, dsimansk, ehelms, gmalinko, hhorak, janstey, jorton, jpavlik, jsherril, lball, lzap, matzew, mhulan, mizdebsk, myarboro, nmoumoul, orabin, pcreech, rchan, rhuss, skontopo
Guilherme de Almeida Suckevicz	2023-06-15 19:35:16 UTC	Blocks		2215395
Guilherme de Almeida Suckevicz	2023-06-15 19:40:02 UTC	Depends On		2215397, 2215398, 2215396
Avinash Hanwate	2023-06-20 04:36:27 UTC	CC		dfreiber, jburrell, rogbas, vkumar
		CC		jcantril, periklis
Sandipan Roy	2023-06-20 06:36:07 UTC	Depends On		2216103, 2216104
Red Hat Bugzilla	2023-07-07 08:28:22 UTC	Assignee	security-response-team	nobody
Red Hat Bugzilla	2023-07-21 22:26:28 UTC	CC	jpavlik
Chess Hazlett	2023-08-08 15:43:12 UTC	Fixed In Version		snappy-java 1.1.10.1
Chess Hazlett	2023-08-08 16:34:12 UTC	Doc Text		Snappy-java's shuffle function does not check input sizes before beginning operations. An attacker could send malicious input to trigger an overflow error, thereby crashing the program and achieving Denial of Service.
Chess Hazlett	2023-08-08 16:41:59 UTC	Alias	TRIAGE-CVE-2023-34453	CVE-2023-34453
Chess Hazlett	2023-08-08 16:43:23 UTC	Summary	TRIAGE-CVE-2023-34453 snappy-java: Integer overflow in shuffle leads to DoS	CVE-2023-34453 snappy-java: Integer overflow in shuffle leads to DoS
Paige Jung	2023-08-08 16:55:03 UTC	Doc Text	Snappy-java's shuffle function does not check input sizes before beginning operations. An attacker could send malicious input to trigger an overflow error, thereby crashing the program and achieving Denial of Service.	A flaw was found in Snappy-java's shuffle function, which does not check input sizes before beginning operations. This issue could allow an attacker to send malicious input to trigger an overflow error that crashes the program, resulting in a denial of service.

Back to bug 2215393