126 matches found
CVE-2023-34455 snappy-java's unchecked chunk length leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1. The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does...
UBUNTU-CVE-2023-34453
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...
Integer overflow
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...
CVE-2023-34455 snappy-java's unchecked chunk length leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1. The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does...
CVE-2023-34455
CVE-2023-34455 concerns snappy-java. The issue arises from an unchecked chunk length in SnappyInputStream.hasNextChunk, which can allocate a negative or excessively large array when handling untrusted input, potentially causing a java.lang.NegativeArraySizeException or java.lang.OutOfMemoryError....
CVE-2023-34453
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...
CVE-2023-34455 snappy-java's unchecked chunk length leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1. The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does...
CVE-2023-34454
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compresschar input in the file Snappy.java receives an array of characters and compresses it. I...
ai.grakn:grakn (>=0.13.0 <=0.14.0), ai.grakn:grakn-client (>=0.13.0 <=0.14.0) +4237 more potentially affected by CVE-2023-34454 via org.xerial.snappy:snappy-java (>=1.0.1-rc3 <=1.1.10.0)
org.xerial.snappy:snappy-java MAVEN version =1.0.1-rc3, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.13.0, =0.13.0, =0.6.1, =0.17.0, =0.13.0, =0.14.0 and more Source cves: CVE-2023-34454 Source advisory: OSV:GHSA-FJPJ-2G6W-X25R...
snappy-java's Integer Overflow vulnerability in compress leads to DoS
Summary Due to unchecked multiplications, an integer overflow may occur, causing an unrecoverable fatal error. Impact Denial of Service Description The function compresschar...
GHSA-FJPJ-2G6W-X25R snappy-java's Integer Overflow vulnerability in compress leads to DoS
Summary Due to unchecked multiplications, an integer overflow may occur, causing an unrecoverable fatal error. Impact Denial of Service Description The function compresschar...
CVE-2023-34454
CVE-2023-34454 (snappy-java) : Unchecked multiplications when compressing inputs can overflow, causing negative or invalid allocation sizes. The issue affects versions prior to 1.1.10.1 and is triggered by multiplying input length (e.g., by 2 for char[], by 4 for int[]) without validating the len...
CVE-2023-34454 snappy-java's Integer Overflow vulnerability in compress leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compresschar input in the file Snappy.java receives an array of characters and compresses it. I...
CVE-2023-34454 snappy-java's Integer Overflow vulnerability in compress leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compresschar input in the file Snappy.java receives an array of characters and compresses it. I...
ai.grakn:grakn (>=0.13.0 <=0.14.0), ai.grakn:grakn-client (>=0.13.0 <=0.14.0) +4237 more potentially affected by CVE-2023-34453 via org.xerial.snappy:snappy-java (>=1.0.1-rc3 <=1.1.10.0)
org.xerial.snappy:snappy-java MAVEN version =1.0.1-rc3, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.13.0, =0.13.0, =0.6.1, =0.17.0, =0.13.0, =0.14.0 and more Source cves: CVE-2023-34453 Source advisory: OSV:GHSA-PQR6-CMR2-H8HF...
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
Summary Due to unchecked multiplications, an integer overflow may occur, causing a fatal error. Impact Denial of Service Description The function shuffleint inputhttps://github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/BitShuffle.javaL107...
GHSA-PQR6-CMR2-H8HF snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
Summary Due to unchecked multiplications, an integer overflow may occur, causing a fatal error. Impact Denial of Service Description The function shuffleint inputhttps://github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/BitShuffle.javaL107...
CVE-2023-34453 snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...
CVE-2023-34453 snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...
CVE-2023-34453 snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...