Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
14 Oct 2019
17 Jul 2019
How to fix?
There is no fixed version for
lz4 is a lossless compression algorithm, providing compression speed at 400 MB/s per core, scalable with multi-cores CPU.
Affected versions of this package are vulnerable to Buffer Overflow in
LZ4_write32 (related to
LZ4_compress_destSize), affecting applications that call
LZ4_compress_fast with a large input. (This issue can also lead to data corruption.)