OESA-2021-1245 lz4 security update

🗓️ 26 Jun 2021 11:03:00Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

LZ4 security update fixes a flaw that can trigger an out of bounds write from crafted input.

Reporter	Title	Published	Views	Family All 161
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs	19 Oct 202115:38	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access	7 Jan 202200:24	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities	3 Dec 202118:52	–	ibm
IBM Security Bulletins	Security Bulletin: High severity vulnerabilities in libraries used by IBM Spectrum Discover (libraries of libraries)	27 Apr 202222:57	–	ibm
Tenable Nessus	Amazon Linux 2022 : lz4, lz4-devel, lz4-libs (ALAS2022-2022-169)	4 Nov 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : lz4, lz4-devel, lz4-libs (ALAS2023-2023-015)	21 Mar 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0049: lz4 (ALINUX3-SA-2021:0049)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : lz4 (ALSA-2021:2575)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : lz4 (CESA-2021:2575)	3 Jul 202100:00	–	nessus
Tenable Nessus	Debian DLA-2657-1 : lz4 security update	13 May 202100:00	–	nessus

Source	Link
openeuler	www.openeuler.org/en/security/safety-bulletin/detail.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-3520

03 Sep 2025 06:17Current

8.9High risk

Vulners AI Score8.9

CVSS 27.5

CVSS 3.19.8

EPSS0.00138

out of bounds crafted input security update lz4 algorithm vulnerability