Every CVE whose affected-product data names Facebook Zstandard, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-11922 — CVSS 8.1 (high): A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of…
CVE-2022-4899 — CVSS 7.5 (high): A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause…
CVE-2021-24031 — CVSS 5.5 (medium): In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions…
CVE-2021-24032 — CVSS 4.7 (medium): Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output…