CVE-2025-12183

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input...

DEBIAN-CVE-2025-12183

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input...

UBUNTU-CVE-2025-12183

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input...

EUVD-2025-199880

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input...

CVE-2025-12183 org.lz4:lz4-java - Out-of-Bounds Memory Access

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input...

CVE-2025-12183

CVE-2025-12183 arises from out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier, enabling remote DoS and memory disclosure via untrusted input. Connected advisories show this affects multiple products using yawkat LZ4 Java (e.g., IBM InfoSphere Information Server, IBM Maximo comp...

CVE-2025-12183

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input...

CVE-2025-12183 org.lz4:lz4-java - Out-of-Bounds Memory Access

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input...

LZ4 Java Compression has Out-of-bounds memory operations which can cause DoS

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input. This is fixed in a forked release: at.yawk.lz4:lz4-java version 1.8.1. The original project has been archived:...

LZ4 Java 安全漏洞

LZ4 Java is a compression library for Java by the individual developer Jonas Konrad. A security vulnerability exists in LZ4 Java 1.8.0 and earlier versions that stems from an out-of-bounds memory operation when processing untrustworthy compressed input, which could result in a denial of service a...

PT-2025-48344

Name of the Vulnerable Software and Affected Versions org.lz4:lz4-java versions prior to 1.8.0 Description The software contains flaws related to memory handling. Specifically, out-of-bounds memory operations can occur when processing untrusted compressed input. This can lead to a denial of servi...

rhel8 bug fix and enhancement update

An update is available for jmc, ee4j-parent, jaf, HdrHistogram, lz4-java, owasp-java-encoder, directory-maven-plugin, jmc-core. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...