AZL-10530 CVE-2022-1962 affecting package golang for versions less than 1.18.5-1

Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations...

AZL-6608 CVE-2021-37750 affecting package krb5 for versions less than 1.19.3-1

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/dotgsreq.c via a FAST inner body that lacks a server field...