Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/17 4:32 a.m.6 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to snappy-java

Summary IBM webMethods BPM uses snappy-java which is automatically pulled in by kafka-clients as a compression codec dependency. The project doesn't directly use Snappy; it's used internally by Kafka for efficient message compression when streaming events through webmethods's event streaming...

7.5CVSS5.5AI score0.01762EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-34453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a...

7.5CVSS6.9AI score0.01707EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-34455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to...

7.5CVSS6.9AI score0.01762EPSS
Exploits1References3
NVD
NVD
added 2023/06/15 5:15 p.m.15 views

CVE-2023-34454

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compresschar input in the file Snappy.java receives an array of characters and compresses it. I...

7.5CVSS6.5AI score0.01469EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/06/15 5:15 p.m.166 views

CVE-2023-34454

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compresschar input in the file Snappy.java receives an array of characters and compresses it. I...

7.5CVSS6.8AI score0.01469EPSS
Exploits0References6
OSV
OSV
added 2023/06/15 5:15 p.m.3 views

UBUNTU-CVE-2023-34453

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...

7.5CVSS6.9AI score0.01707EPSS
Exploits1References6
OSV
OSV
added 2023/06/15 4:27 p.m.25 views

CVE-2023-34454 snappy-java's Integer Overflow vulnerability in compress leads to DoS

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compresschar input in the file Snappy.java receives an array of characters and compresses it. I...

5.9CVSS6.8AI score0.01469EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/06/15 12:0 a.m.3 views

snappy-java 输入验证错误漏洞

snappy-java is the java port of snappy, a compression program by Taro L. Saito Personal Developer. An input validation error vulnerability exists in versions of snappy-java prior to 1.1.10.1, which stems from an unchecked multiplication operation that could result in an integer overflow leading t...

7.5CVSS7.1AI score0.01707EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.4 views

PT-2023-4869

Name of the Vulnerable Software and Affected Versions snappy-java versions prior to 1.1.10.1 Description The issue is related to an integer overflow in the compresschar input function of the snappy-java library, which can cause an unrecoverable fatal error. This occurs when the length of the inpu...

7.8CVSS6.8AI score0.01469EPSS
Exploits0References218
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.23 views

Gentoo Security Advisory GLSA 200802-12 (xine-lib)

The remote host is missing updates announced in advisory GLSA 200802-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5CVSS0.5AI score0.14637EPSS
Exploits3
Rows per page
Query Builder