Is CVE-2023-28115 associated with google/snappy by mistake?
Hello!
CVE-2023-28115 is listing the knplabs/snappy library "possibly vulnerable" in https://security.alpinelinux.org/vuln/CVE-2023-28115, rather than the google/snappy library, which is included in aports - https://git.alpinelinux.org/aports/tree/main/snappy/APKBUILD?h=3.17-stable. Is this just a package name mistake or is Alpine 3.17 possibly vulnerable to CVE-2023-28115?
Thank you!