Msrc Cbl2 Squashfs-Tools 4.5-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2015-4646 [HIGH] CWE-20 (1) unsquash-1.c (2) unsquash-2.c (3) unsquash-3.c and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. (1) unsquash-1.c (2) unsquash-2.c (3) unsquash-3.c and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and

CVE-2015-4645 [MEDIUM] CWE-190 Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input which trig Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input which triggers a stack-based buffer overflow. FAQ: Is Azure Linux the only Mi