CVE-2025-12183

Summary

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.

Affected Software

VendorProductVersion RangeStatus
1.0.0 <= 1.8.0affected
1.0.0 <= 1.8.0affected
1.0.0 <= 1.8.0affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References