Lz4_project Lz4
2 CVEs affecting Lz4_project Lz4. Latest disclosed: 2021-06-02. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-3520 | Critical | 9.8 | 2021-06-02 | There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling… |
CVE-2019-17543 | High | 8.1 | 2019-10-14 | LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a… |