pkg:maven/org.xerial.snappy/snappy-java
Type
maven
Namespace
org.xerial.snappy
Name
snappy-java
Known advisories, vulnerabilities and fixes for org.xerial.snappy/snappy-java package.
High
2
Moderate
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 1.1.10.3 |
CVE-2023-43642
|
 MAVEN:GHSA-55G7-9CWV-5QFV
|
snappy-java's missing upper bound check on chunk length can lead to Denial of Service (DoS) impact | high |
2023-09-25T18:30:18
(11 months ago) |
|
| Fixed | = 1.1.10.4 |
CVE-2023-43642
|
MAVEN:GHSA-55G7-9CWV-5QFV
|
snappy-java's missing upper bound check on chunk length can lead to Denial of Service (DoS) impact | high |
2023-09-25T18:30:18
(11 months ago) |
|
| Affected | <= 1.1.10.0 |
CVE-2023-34454
|
MAVEN:GHSA-FJPJ-2G6W-X25R
|
snappy-java's Integer Overflow vulnerability in compress leads to DoS | moderate |
2023-06-15T16:28:08
(15 months ago) |
|
| Fixed | = 1.1.10.1 |
CVE-2023-34454
|
MAVEN:GHSA-FJPJ-2G6W-X25R
|
snappy-java's Integer Overflow vulnerability in compress leads to DoS | moderate |
2023-06-15T16:28:08
(15 months ago) |
|
| Affected | <= 1.1.10.0 |
CVE-2023-34453
|
MAVEN:GHSA-PQR6-CMR2-H8HF
|
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS | moderate |
2023-06-15T16:13:20
(15 months ago) |
|
| Fixed | = 1.1.10.1 |
CVE-2023-34453
|
MAVEN:GHSA-PQR6-CMR2-H8HF
|
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS | moderate |
2023-06-15T16:13:20
(15 months ago) |
|
| Affected | <= 1.1.10.0 |
CVE-2023-34455
|
MAVEN:GHSA-QCWQ-55HX-V3VH
|
snappy-java's unchecked chunk length leads to DoS | high |
2023-06-15T17:15:06
(15 months ago) |
|
| Fixed | = 1.1.10.1 |
CVE-2023-34455
|
MAVEN:GHSA-QCWQ-55HX-V3VH
|
snappy-java's unchecked chunk length leads to DoS | high |
2023-06-15T17:15:06
(15 months ago) |