GHSA-55G7-9CWV-5QFV snappy-java's missing upper bound check on chunk length can lead to Denial of Service (DoS) impact
Summary snappy-java is a data compression library in Java. Its SnappyInputStream was found to be vulnerable to Denial of Service DoS attacks when decompressing data with a too-large chunk size. Due to missing upper bound check on chunk length, an unrecoverable fatal error can occur. Scope All...