CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
46.6%
snappy-java is vulnerable to Integer Overflow. The vulnerability exists because the compress
function receives an array of characters and multiplies the value by two, and passes it to the rawCompress
function of Snappy.java
which does not properly check the length and causes an integer overflow, or the value becomes negative which leads to java.lang.NegativeArraySizeException
exception if the size is too small to use for the compression, causing a fatal Access Violation error, allowing an attacker to crash the application.
github.com/advisories/GHSA-fjpj-2g6w-x25r
github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/Snappy.java#L169
github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/Snappy.java#L422
github.com/xerial/snappy-java/blob/master/src/main/java/org/xerial/snappy/Snappy.java
github.com/xerial/snappy-java/commit/d0042551e4a3509a725038eb9b2ad1f683674d94
github.com/xerial/snappy-java/security/advisories/GHSA-fjpj-2g6w-x25r