There is 1 open security issue in bullseye.
1 issue left for the package maintainer to handle:
snappy-java is a Java port of the snappy, a fast C++ compresser/decompresser developed by Google. The SnappyInputStream was found to be vulnerable to Denial of Service (DoS) attacks when decompressing data with a too large chunk size. Due to missing upper bound check on chunk length, an unrecoverable fatal error can occur. All versions of snappy-java including the latest released version 188.8.131.52 are vulnerable to this issue. A fix has been introduced in commit `9f8c3cf74` which will be included in the 184.108.40.206 release. Users are advised to upgrade. Users unable to upgrade should only accept compressed data from trusted sources.
You can find information about how to handle this issue in the security team's documentation.