snappy-java: Unchecked chunk length leads to DoS

A flaw was found in Snappy-java's fileSnappyInputStream hasNextChunk function, which does not sufficiently evaluate input bytes before beginning operations. This issue could allow an attacker to send malicious input to trigger an out of memory error that crashes the program, resulting in a denial...

snappy-java: Unchecked chunk length leads to DoS

A flaw was found in Snappy-java's fileSnappyInputStream hasNextChunk function, which does not sufficiently evaluate input bytes before beginning operations. This issue could allow an attacker to send malicious input to trigger an out of memory error that crashes the program, resulting in a denial...

The vulnerability of the hasNextChunk function in the snappy-java compression/decompression library allows a hacker to cause a service failure.

The vulnerability of the hasNextChunk function in the snappy-java compression/decompression library is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...

Denial Of Service (DoS)

snappy-java is vulnerable to Denial Of Service DoS. The vulnerability exists because the hasNextChunk function of SnappyInputStream.java does not properly check for negative chunk sizes and huge positive values such as 0x7FFFFFFF, which leads to java.lang.NegativeArraySizeException and...

UBUNTU-CVE-2023-34455

snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1. The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does...