CVE-2020-18974: Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147. Upstream issue is currently untouched.
CVE-2021-45256 (https://bugzilla.nasm.us/show_bug.cgi?id=3392789): A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c. CVE-2021-45257 (https://bugzilla.nasm.us/show_bug.cgi?id=3392790): An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function. Can't tell if there's been any action taken upstream as their Bugzilla seems to be down.