AZL-28060 CVE-2021-32292 affecting package json-c for versions less than 0.15-2

An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...

AZL-6506 CVE-2020-12762 affecting package json-c for versions less than 0.15-2

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbufmemappend...