VYPR

Lz4 Java

by Yawkat

Source repositories

CVEs (2)

  • CVE-2025-12183HigNov 28, 2025
    risk 0.50cvss epss 0.01

    Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.

  • CVE-2025-66566HigDec 5, 2025
    risk 0.46cvss epss 0.01

    yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where…