CVE-2025-12183 CVE-2025-66566 LZ4 vulnerabilities (#157)

maximthomas · web-flow · commit 243e3ee351e8 · 2025-12-10T08:32:30.000+03:00
diff --git a/cassandra-embedded/pom.xml b/cassandra-embedded/pom.xml
@@ -69,11 +69,17 @@
 		    <groupId>org.apache.cassandra</groupId>
 		    <artifactId>cassandra-all</artifactId>
 		    <version>4.1.3</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.lz4</groupId>
+					<artifactId>lz4-java</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
-		    <groupId>org.lz4</groupId>
-		    <artifactId>lz4-java</artifactId>
-		    <version>1.8.0</version>
+			<groupId>at.yawk.lz4</groupId>
+			<artifactId>lz4-java</artifactId>
+			<version>1.10.1</version>
 		</dependency>
 		<dependency>
 		    <groupId>org.xerial.snappy</groupId>
