<html>
<head>
<base href="https://bugzilla.rosalinux.ru/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Platform</th>
<td>2021.1
</td>
</tr>
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_CONFIRMED "
title="CONFIRMED - [CVE 21] snappy 1.1.8 CVEs found"
href="https://bugzilla.rosalinux.ru/show_bug.cgi?id=13315">13315</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>[CVE 21] snappy 1.1.8 CVEs found
</td>
</tr>
<tr>
<th>Classification</th>
<td>ROSA-based products
</td>
</tr>
<tr>
<th>Product</th>
<td>ROSA Fresh
</td>
</tr>
<tr>
<th>Version</th>
<td>All
</td>
</tr>
<tr>
<th>Hardware</th>
<td>All
</td>
</tr>
<tr>
<th>URL</th>
<td>CVE-2023-28115,
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>CONFIRMED
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>Normal
</td>
</tr>
<tr>
<th>Component</th>
<td>System (kernel, glibc, systemd, bash, PAM...)
</td>
</tr>
<tr>
<th>Assignee</th>
<td>bugs@lists.rosalinux.ru
</td>
</tr>
<tr>
<th>Reporter</th>
<td>y.tumanov@rosalinux.ru
</td>
</tr>
<tr>
<th>QA Contact</th>
<td>bugs@lists.rosalinux.ru
</td>
</tr>
<tr>
<th>CC</th>
<td>s.matveev@rosalinux.ru, y.tumanov@rosalinux.ru
</td>
</tr>
<tr>
<th>Target Milestone</th>
<td>---
</td>
</tr>
<tr>
<th>Flags</th>
<td>secteam_verified?
</td>
</tr></table>
<p>
<div>
<pre>Please patch CVEs for package snappy version 1.1.8
INFO (CVEs are): snappy 1.1.8
cves found
CVE-2023-28115
Desc: Snappy is a PHP library allowing thumbnail, snapshot or PDF generation
from a URL or an HTML page. Prior to version 1.4.2, Snappy is vulnerable to PHAR
deserialization due to a lack of checking on the protocol before passing it
into the `file_exists()` function. If an attacker can upload files of any type
to the server he can pass in the phar:// protocol to unserialize the uploaded
file and instantiate arbitrary PHP objects. This can lead to remote code
execution especially when snappy is used with frameworks with documented POP
chains like Laravel/Symfony vulnerable developer code. If a user can control
the output file from the `generateFromHtml()` function, it will invoke
deserialization. This vulnerability is capable of remote code execution if
Snappy is used with frameworks or developer code with vulnerable POP chains. It
has been fixed in version 1.4.2.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-28115">https://nvd.nist.gov/vuln/detail/CVE-2023-28115</a>
Severity: CRITICAL</pre>
</div>
</p>
</body>
</html>