pairs
pairs
lz4-java-1.7.1.jar depends on lz 1.9.2 (fd2ef5), and include lz so in lz4-java-1.7.1.jar。 I checked the symbol table with the strings command and found that the LZ version of the AARCH64...
Lz4-java relies on the open source software LZ4, which has a CVE vulnerability, whether this vulnerability affects LZ4-Java
JBR is customized based on openJDK. Because openJDK has some security holes, there are generally two ways to address them. One is to patch the JBR with the corresponding OpenJDK...