3 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-32829
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak...
GHSA-VVP9-7P8X-RFVV lz4_flex's decompression can leak information from uninitialized memory or reused output buffer
Summary Decompressing invalid LZ4 data can leak data from uninitialized memory, or can leak content from previous decompression operations when reusing an output buffer. Details The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from the...
PT-2026-25910
Summary Decompressing invalid LZ4 data can leak data from uninitialized memory, or can leak content from previous decompression operations when reusing an output buffer. Details The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from the...