AZL-74517 CVE-2022-45493 affecting package suitesparse 7.11.0-1

Buffer overflow vulnerability in function jsonparsekey in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to code arbitrary code and gain escalated privileges...

AZL-74241 CVE-2021-3520 affecting package suitesparse 7.11.0-1

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...