> Fixed: HTTP request smuggling attack vector

> Fixed: missing bounds check in maliciously-crafted Blob deserialization

> Fixed: integer overflow in IPC advanced serialization mode with malicious input

Where are the CVEs, Jarred?