Msrc Azl3 Graphviz 2.42.4-12 On Azure Linux 3.0 vulnerabilities

CVE-2023-46045 [HIGH] CWE-125 Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root. Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potent

CVE-2020-18032 [HIGH] CWE-120 Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. FAQ: Is Azu