VYPR
High severityOSV Advisory· Published Nov 28, 2025· Updated Apr 15, 2026

CVE-2025-12183

CVE-2025-12183

Description

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
at.yawk.lz4:lz4-javaMaven
< 1.8.11.8.1
org.lz4:lz4-javaMaven
< 1.8.11.8.1
org.lz4:lz4-pure-javaMaven
<= 1.8.0
net.jpountz.lz4:lz4Maven
<= 1.3.0

Affected products

97

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.