[
https://issues.apache.org/jira/browse/CASSANDRA-21081?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18045795#comment-18045795
]
Kapil Shewate commented on CASSANDRA-21081:
-------------------------------------------
The CVE score is 8.8 HIGH , is Cassandra 5.0.4 vulnerable to this.
> CVE-2025-12183.Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and
> earlier allow remote attackers to cause denial of service and read adjacent
> memory via untrusted compressed input.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CASSANDRA-21081
> URL: https://issues.apache.org/jira/browse/CASSANDRA-21081
> Project: Apache Cassandra
> Issue Type: Bug
> Reporter: Kapil Shewate
> Priority: Normal
>
> CVE-2025-12183
> Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow
> remote attackers to cause denial of service and read adjacent memory via
> untrusted compressed input.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
