Download
| Alert*
oval:org.secpod.oval:def:605058
liblz4-1 is installed oval:org.secpod.oval:def:2003595 LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 , affecting applications that call LZ4_compress_fast with a large input. NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk." oval:org.secpod.oval:def:706021 lz4: Extremely fast compression algorithm LZ4 could be made to crash or run programs if it opened a specially crafted file. |