CVE-2022-4899

zstd vulnerable to buffer overrun

Description

A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

APT

Publish Date

March 31, 2023

Modified Date

October 9, 2025

Score Vector

Affected Versions