Back to bug 2215445
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sandipan Roy | 2023-06-16 04:10:49 UTC | Blocks | 2215395 | |
| Sandipan Roy | 2023-06-16 04:11:40 UTC | CC | adupliak, aileenc, alampare, alazarot, anstephe, asoldano, ataylor, avibelli, bbaranow, bgeorges, bmaxwell, brian.stansberry, cdewolf, chazlett, clement.escoffier, dandread, darran.lofthouse, dhanak, dkreling, dosoudil, emingora, eric.wittmann, fjuma, fmongiar, gjospin, gmalinko, gsmet, hamadhan, hbraun, ibek, ivassile, iweiss, janstey, jcantril, jmartisk, jnethert, jpavlik, jpechane, jpoth, jrokos, jross, jscholz, kverlaen, lbacciot, lgao, lthon, max.andersen, mizdebsk, mnovotny, mosmerov, msochure, mstefank, msvehla, nwallace, pantinor, pdelbell, peholase, periklis, pgallagh, pjindal, pmackay, probinso, rguimara, rkieley, rruss, rstancel, rsvoboda, saroy, sbiarozk, sdouglas, smaestri, swoodman, tcunning, tom.jenkinson, tqvarnst, yfang | |
| Sandipan Roy | 2023-06-16 04:12:12 UTC | Priority | high | medium |
| Severity | high | medium | ||
| Sandipan Roy | 2023-06-16 04:18:26 UTC | Depends On | 2215449, 2215448 | |
| Sandipan Roy | 2023-06-20 06:39:07 UTC | CC | hhorak, jorton | |
| Sandipan Roy | 2023-06-20 06:39:31 UTC | Depends On | 2216107 | |
| Red Hat Bugzilla | 2023-07-07 08:34:06 UTC | Assignee | security-response-team | nobody |
| Red Hat Bugzilla | 2023-07-21 22:26:28 UTC | CC | jpavlik | |
| Chess Hazlett | 2023-08-08 17:16:26 UTC | Doc Text | Snappy-java's fileSnappyInputStream class's hasNextChunk function does not sufficiently evaluate input bytes before beginning operations. An attacker could send malicious input to trigger an out of memory error, thereby crashing the program and achieving Denial of Service. | |
| Fixed In Version | snappy-java 1.1.10.1 | |||
| Chess Hazlett | 2023-08-08 17:30:26 UTC | Alias | TRIAGE-CVE-2023-34455 | CVE-2023-34455 |
| Summary | TRIAGE-CVE-2023-34455 snappy-java: Unchecked chunk length leads to DoS | CVE-2023-34455 snappy-java: Unchecked chunk length leads to DoS | ||
| Paige Jung | 2023-08-08 17:52:49 UTC | Doc Text | Snappy-java's fileSnappyInputStream class's hasNextChunk function does not sufficiently evaluate input bytes before beginning operations. An attacker could send malicious input to trigger an out of memory error, thereby crashing the program and achieving Denial of Service. | A flaw was found in Snappy-java's fileSnappyInputStream hasNextChunk function, which does not sufficiently evaluate input bytes before beginning operations. This issue could allow an attacker to send malicious input to trigger an out of memory error that crashes the program, resulting in a denial of service. |
Back to bug 2215445