Security

Report a vulnerability

SECURITY.md

Security Policy

Supported Versions

Version	Supported
1.1.9.x	✅
< 1.1.8.x	❌

Reporting a Vulnerability

https://github.com/xerial/snappy-java/security/advisories

Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact
GHSA-55g7-9cwv-5qfv published Sep 23, 2023 by xerial

High
Integer overflow in shuffle leads to DoS
GHSA-pqr6-cmr2-h8hf published Jun 14, 2023 by xerial

Moderate
Integer overflow in compress leads to DoS
GHSA-fjpj-2g6w-x25r published Jun 14, 2023 by xerial

Moderate
Unchecked chunk length leads to DoS
GHSA-qcwq-55hx-v3vh published Jun 14, 2023 by xerial

High

Learn more about advisories related to xerial/snappy-java in the GitHub Advisory Database