> Fixed: missing bounds check in maliciously-crafted Blob deserialization
> Fixed: integer overflow in IPC advanced serialization mode with malicious input
Where are the CVEs, Jarred?