AZL-74517 CVE-2022-45493 affecting package suitesparse 7.11.0-1

Buffer overflow vulnerability in function jsonparsekey in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to code arbitrary code and gain escalated privileges...

AZL-74514 CVE-2022-45492 affecting package suitesparse 7.11.0-1

Buffer overflow vulnerability in function jsonparsenumber in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to code arbitrary code and gain escalated privileges...

AZL-74523 CVE-2022-45496 affecting package suitesparse 7.11.0-1

Buffer overflow vulnerability in function jsonparsestring in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to code arbitrary code and gain escalated privileges...

new packages: suitesparse

An update is available for suitesparse. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

AZL-74241 CVE-2021-3520 affecting package suitesparse 7.11.0-1

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

AZL-45306 CVE-2015-8985 affecting package suitesparse 7.11.0-1

The popfailstack function in the GNU C Library aka glibc or libc6 allows context-dependent attackers to cause a denial of service assertion failure and application crash via vectors related to extended regular expression processing...