GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
14 advisories
aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer
High
CVE-2025-67721
was published
for
io.airlift:aircompressor
(Maven)
Dec 12, 2025
yawkat LZ4 Java has a possible information leak in Java safe decompressor
High
CVE-2025-66566
was published
for
at.yawk.lz4:lz4-java
(Maven)
Dec 5, 2025
ProTip!
Advisories are also available from the
GraphQL API