Critical severityNVD Advisory· Published Dec 27, 2022· Updated Apr 11, 2025
Out-of-bounds write in github.com/cloudflare/golz4
CVE-2014-125026
Description
LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/cloudflare/golz4Go | < 0.0.0-20140711154735-199f5f787806 | 0.0.0-20140711154735-199f5f787806 |
Affected products
2- Range: 0
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.