CVE-2021-3520 Whether the vulnerability affects LZ4-Java
echopairs opened this issue · 2 comments
echopairs commented
Lz4-java relies on the open source software LZ4, which has a CVE vulnerability, whether this vulnerability affects LZ4-Java
labulalala commented
@odaira I see that you have upgraded the version of lz4 to 1.9.4 (which fixes this vulnerability lz4/lz4#972 ). Are there any plans to release a new version soon?