« List of all CVEs

CVE-2019-11922

Published: 7/25/2019 Last updated: 8/4/2024 Reserved: 5/13/2019

A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.

CNA assigner: facebook (4fc57720-52fe-4431-a0fb-3d2c8747b827) Requested by: n/a

Opam packages affected (6)

conf-llvm conf-llvm-shared conf-llvm-static conf-mingw-w64-zstd-i686 conf-mingw-w64-zstd-x86_64 conf-zstd

Products affected (1)

Product Vendor Version
Zstandard Facebook n/a

References (14)