EUVD-2023-1858

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-34453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a...

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities in an update. Vulnerability Details CVEID: CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is configured with both the static-resources-list...

Security Bulletin: Vulnerability in snappy-java affects IBM Process Mining . CVE-2023-34453

Summary There is a vulnerability in snappy-java that could allow a remote attacker to execute a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION:...

snappy-java: Integer overflow in compress leads to DoS

A flaw was found in Snappy-java's shuffle function, which does not check input sizes before beginning operations. This issue could allow an attacker to send malicious input to trigger an overflow error that crashes the program, resulting in a denial of service...

CVE-2023-34454

A flaw was found in Snappy-java's shuffle function, which does not check input sizes before beginning operations. This issue could allow an attacker to send malicious input to trigger an overflow error that crashes the program, resulting in a denial of service...

UBUNTU-CVE-2023-34453

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...

GHSA-PQR6-CMR2-H8HF snappy-java's Integer Overflow vulnerability in shuffle leads to DoS

Summary Due to unchecked multiplications, an integer overflow may occur, causing a fatal error. Impact Denial of Service Description The function shuffleint inputhttps://github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/BitShuffle.javaL107...

CVE-2023-34453

CVE-2023-34453 affects snappy-java (Java port of Snappy). The vulnerability stems from unchecked multiplications in BitShuffle.java (shuffle variants for int, double, float, long, short), where length×multiplier can overflow, producing negative or zero values. This can trigger NegativeArraySizeEx...

PT-2023-4871 · Unknown +1 · Snappy-Java +2

Name of the Vulnerable Software and Affected Versions: snappy-java versions prior to 1.1.10.1 Description: The issue is related to an integer overflow in the shuffleint input function in the file BitShuffle.java, which can cause a fatal error. This function applies a bit shuffle to an array of...