VYPR

rpm package

opensuse/zstd&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/zstd&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2022-4899Mar 31, 2023
    affected < 1.5.5-5.1fixed 1.5.5-5.1

    A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.

  • CVE-2019-11922Jul 25, 2019
    affected < 1.5.0-1.13fixed 1.5.0-1.13

    A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.