Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| at.yawk.lz4:lz4-java(Maven) | 0 | 1.8.1 | N/A |
| org.lz4:lz4-java(Maven) | 0 | 1.8.1 | N/A |
| org.lz4:lz4-pure-java(Maven) | 0 | N/A | N/A |
| net.jpountz.lz4:lz4(Maven) | 0 | N/A | N/A |
CVSS Metrics
