The shoco_decompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service (buffer over-read and application crash) via malformed compressed data.Referenceshttps://github.com/Ed-von-Schleck/shoco/issues/28
