Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:26238
HistoryAug 06, 2020 - 9:37 p.m.

Buffer Overflows

2020-08-0621:37:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
buffer overflow
lz4_write32
lz4_compress_destsize
applications
heap-based buffer overflow
software

EPSS

0.008

Percentile

81.5%

LZ4 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input.

Affected configurations

Vulners
Node
-lz4\Match3.101.9.1-r0
OR
lz4Range1.3.1.2
VendorProductVersionCPE
-lz4\3.10cpe:2.3:a:-:lz4\:3.10:1.9.1-r0:*:*:*:*:*:*:*
*lz4*cpe:2.3:a:*:lz4:*:*:*:*:*:*:*:*

References