CVE-2020-15904
The CVE-2020-15904 entry concerns bsdiff4 prior to 1.2.0, where a vulnerability in the patching routine allows a crafted patch file to cause a heap-memory write beyond allocated bounds. Affected component: bsdiff4 patching logic (before 1.2.0). Root cause: buffer/heap overflow during patch proces...