Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Netty 资源管理错误漏洞
Vulnerability Description
Netty是Netty社区的一款非阻塞I/O客户端-服务器框架,它主要用于开发Java网络应用程序,如协议服务器和客户端等。 Netty 存在资源管理错误漏洞,该漏洞源于Snappy frame decoder函数不限制块长度,这可能会导致过度内存使用。
CVSS Information
N/A
Vulnerability Type
N/A