Tag
snappy-java
Safeguard articles tagged "snappy-java" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Security
CVE-2023-34455: snappy-java's Unchecked Chunk Length DoS
CVE-2023-34455 lets an attacker crash a JVM by feeding snappy-java a bogus chunk length. Here is the root cause, affected versions, and the fix.
Oct 2, 20255 min read
Security
CVE-2023-34453: The snappy-java Integer Overflow Explained
CVE-2023-34453 is an integer overflow in snappy-java's BitShuffle code that lets an attacker crash a JVM. Here are the affected versions and the fix.
Aug 24, 20255 min read