PT-2023-4870 · Atlassian · Bitbucket Server+2

Srmish-Jfrog · Published 2023-06-15 · Updated 2026-05-18 · CVE-2023-34455

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: snappy-java versions prior to 1.1.10.1

Description: The issue stems from an unchecked chunk length in the hasNextChunk function of the SnappyInputStream class, which can lead to an unrecoverable fatal error. The code reads 4 bytes from the input stream and treats them as the length of the next chunk. If the compressed variable is null, a byte array is allocated with the size taken from the input data. Because the code does not validate the chunkSize variable, an input can supply a negative number or a very large positive value, causing the code to raise a java.lang.NegativeArraySizeException or a fatal java.lang.OutOfMemoryError.

Recommendations: For snappy-java versions prior to 1.1.10.1, upgrade to version 1.1.10.1 or later to resolve the issue. For Bitbucket Data Center and Server 7.21, upgrade to a release greater than or equal to 7.21.21. For Bitbucket Data Center and Server 8.9, upgrade to a release greater than or equal to 8.9.5. For Bitbucket Data Center and Server 8.13, upgrade to a release greater than or equal to 8.13.1.
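The following is an added illustration of the weakness class described above; it is not code from snappy-java or from Atlassian. It models a minimal length-prefixed chunk framing (4-byte big-endian length followed by the payload) and contrasts a reader that trusts the declared length, the pattern the description attributes to hasNextChunk, with one that validates the length before allocating. The class name, method names and the MAX_CHUNK_SIZE ceiling are assumptions chosen for the example; a real decoder would take its ceiling from the format specification.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;

/*
 * Added example (not snappy-java code). Reads chunks of the form
 * [4-byte big-endian length][payload] twice: once trusting the length,
 * once validating it before any allocation.
 */
public class ChunkLengthCheck {

    // Hypothetical per-format ceiling for a single chunk (assumption for this example).
    static final int MAX_CHUNK_SIZE = 1 << 20; // 1 MiB

    /** Vulnerable pattern: allocates a buffer sized by an untrusted 32-bit length. */
    static byte[] readChunkUnchecked(DataInputStream in) throws IOException {
        int chunkSize = in.readInt();      // untrusted value straight from the stream
        byte[] buf = new byte[chunkSize];  // negative -> NegativeArraySizeException,
                                           // huge -> OutOfMemoryError before any payload is read
        in.readFully(buf);
        return buf;
    }

    /** Hardened pattern: rejects a malformed length before allocating. */
    static byte[] readChunkChecked(DataInputStream in) throws IOException {
        int chunkSize = in.readInt();
        if (chunkSize < 0 || chunkSize > MAX_CHUNK_SIZE) {
            // A bad length becomes a recoverable IOException, not a fatal error.
            throw new IOException("invalid chunk length: " + chunkSize);
        }
        byte[] buf = new byte[chunkSize];
        in.readFully(buf);                 // EOFException if the stream is shorter than declared
        return buf;
    }

    static DataInputStream streamOf(byte[] bytes) {
        return new DataInputStream(new ByteArrayInputStream(bytes));
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample inputs: a well-formed 3-byte chunk, a negative length, an oversized length.
        byte[] good = {0, 0, 0, 3, 'a', 'b', 'c'};
        byte[] negative = {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; // length -1
        byte[] huge = {0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF};             // length Integer.MAX_VALUE

        System.out.println("good (checked): " + readChunkChecked(streamOf(good)).length + " bytes");

        for (byte[] bad : new byte[][] {negative, huge}) {
            try {
                readChunkChecked(streamOf(bad));
            } catch (IOException e) {
                System.out.println("checked reader rejected input: " + e.getMessage());
            }
        }

        try {
            readChunkUnchecked(streamOf(negative));
        } catch (NegativeArraySizeException e) {
            System.out.println("unchecked reader failed with NegativeArraySizeException");
        }
        // readChunkUnchecked(streamOf(huge)) would try to allocate ~2 GiB and is deliberately not run.
    }
}
```

The defensive point is the order of operations: validate the declared length against a fixed ceiling (and, where the total input size is known, against the bytes actually remaining) before the allocation, so that a malformed stream produces an ordinary decoding error rather than an unrecoverable JVM error.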

Exploit

Fix

Allocation of Resources Without Limits


Weakness Enumeration

Related identifiers

BDU:2023-05357
CLEANSTART-2026-DD05788
CLEANSTART-2026-VH41554
CVE-2023-34455
GHSA-QCWQ-55HX-V3VH
OESA-2023-1398

Affected products

Bitbucket
Bitbucket Server
Jira