It was discovered that Zstandard incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libzstd-dev", "binary_version": "1.3.3+dfsg-2ubuntu1.1" }, { "binary_name": "libzstd1", "binary_version": "1.3.3+dfsg-2ubuntu1.1" }, { "binary_name": "libzstd1-dbgsym", "binary_version": "1.3.3+dfsg-2ubuntu1.1" }, { "binary_name": "libzstd1-dev", "binary_version": "1.3.3+dfsg-2ubuntu1.1" }, { "binary_name": "libzstd1-udeb", "binary_version": "1.3.3+dfsg-2ubuntu1.1" }, { "binary_name": "zstd", "binary_version": "1.3.3+dfsg-2ubuntu1.1" }, { "binary_name": "zstd-dbgsym", "binary_version": "1.3.3+dfsg-2ubuntu1.1" } ] }