CVE-2023-3635

Published July 12th, 2023

View on NVD ↗

CVSS v3

5.9

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class.

square/okio

A modern I/O library for Android, Java, and Kotlin Multiplatform.

GitHub