CVE-2023-34453

CVE-2023-34453 affects snappy-java (Java port of Snappy). The vulnerability stems from unchecked multiplications in BitShuffle.java (shuffle variants for int, double, float, long, short), where length×multiplier can overflow, producing negative or zero values. This can trigger NegativeArraySizeEx...

PT-2023-4869 · Atlassian · Bitbucket Server +2

Name of the Vulnerable Software and Affected Versions: snappy-java versions prior to 1.1.10.1 Description: The issue is related to an integer overflow in the compresschar input function of the snappy-java library, which can cause an unrecoverable fatal error. This occurs when the length of the...

snappy-java 输入验证错误漏洞

snappy-java is the java port of snappy, a compression program by Taro L. Saito Personal Developer. An input validation error vulnerability exists in versions of snappy-java prior to 1.1.10.1, which stems from an unchecked multiplication operation that could result in an integer overflow leading t...

snappy-java 输入验证错误漏洞

snappy-java is the java port of snappy, a compression program by Taro L. Saito Personal Developer. An input validation error vulnerability exists in versions of snappy-java prior to 1.1.10.1, which stems from an unchecked multiplication operation that could result in an integer overflow leading t...

PT-2023-4871 · Unknown +1 · Snappy-Java +2

Name of the Vulnerable Software and Affected Versions: snappy-java versions prior to 1.1.10.1 Description: The issue is related to an integer overflow in the shuffleint input function in the file BitShuffle.java, which can cause a fatal error. This function applies a bit shuffle to an array of...

PT-2023-4870 · Atlassian · Bitbucket Server +2

Name of the Vulnerable Software and Affected Versions: snappy-java versions prior to 1.1.10.1 Description: The issue is related to the use of an unchecked chunk length in the hasNextChunk function of the SnappyInputStream class, which can lead to an unrecoverable fatal error. This error occurs wh...