Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.
CVSS Information
N/A
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
LZ4 输入验证错误漏洞
Vulnerability Description
LZ4是一款无损压缩算法。 LZ4 1:1.9.3-1 存在输入验证错误漏洞,该漏洞源于整数溢出bug导致一个memmove参数变为负数而导致的潜在内存损坏。
CVSS Information
N/A
Vulnerability Type
N/A