CVE-2020-21685 (https://bugzilla.nasm.us/show_bug.cgi?id=3392644): Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. CVE-2020-21687 (https://bugzilla.nasm.us/show_bug.cgi?id=3392645): Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. Upstream couldn't reproduce, so calling these invalid for now, I guess.
CVE-2020-21686 (https://bugzilla.nasm.us/show_bug.cgi?id=3392643): A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file.