DEBIAN-CVE-2025-62813
- Source
- https://security-tracker.debian.org/tracker/CVE-2025-62813
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2025-62813.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2025-62813
- Upstream
- Withdrawn
- 2025-10-31T04:32:30.274071Z
- Published
- 2025-10-23T04:17:26Z
- Modified
- 2025-10-31T04:32:30.274071Z
- Summary
- [none]
- Details
-
LZ4 through 1.10.0 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact when the application processes untrusted LZ4 frames. For example, LZ4FcreateCDictadvanced in lib/lz4frame.c mishandles NULL checks.
- References
Affected packages
Debian:11 / lz4
Package
- Name
- lz4
- Purl
- pkg:deb/debian/lz4?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:12 / lz4
Package
- Name
- lz4
- Purl
- pkg:deb/debian/lz4?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / lz4
Package
- Name
- lz4
- Purl
- pkg:deb/debian/lz4?arch=source
Debian:14 / lz4
Package
- Name
- lz4
- Purl
- pkg:deb/debian/lz4?arch=source