CVE-2025-12183

CVSS v2.0

9.4

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions org.lz4:lz4-java versions prior to 1.8.0

Description The software contains flaws related to memory handling. Specifically, out-of-bounds memory operations can occur when processing untrusted compressed input. This can lead to a denial of service and potential reading of adjacent memory.

Recommendations Update to a version newer than 1.8.0.

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2025-15118

CLEANSTART-2026-AO61361

CVE-2025-12183

ECHO-CD33-EC70-D5F2

GHSA-VQF4-7M7X-WGFC

OPENSUSE-SU-2026:10317-1

RHSA-2026:1870

RHSA-2026:1871

Affected Products

Debian

Lz4-Java

CVE-2025-12183

Weakness Enumeration

Related Identifiers

Affected Products

References · 56