pkg:Debian/graphviz

All known vulnerabilities

• HIGH8.8CVE-2019-11023The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by grap…
  from 0
• HIGH7.8CVE-2023-46045Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file.
  from 0
• HIGH7.8CVE-2020-18032graphviz - security update
  from 0, < 2.40.1-6+deb10u1
• HIGH7.8CVE-2020-18032graphviz - security update
  from 0, < 2.42.2-5
• HIGH7.8CVE-2014-1235Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denia…
  from 0, < 2.26.3-16.1
• MEDIUM5.5CVE-2018-10196graphviz - security update
  from 0, < 2.40.1-6
• MEDIUM5.5CVE-2018-10196graphviz - security update
  from 0, < 2.38.0-17+deb9u1
• —CVE-2014-9157graphviz - security update
  from 0, < 2.26.3-5+squeeze3
• —CVE-2014-9157graphviz - security update
  from 0, < 2.38.0-7
• —CVE-2014-9157graphviz - security update
  from 0, < 2.26.3-14+deb7u2
• —CVE-2014-0978graphviz - buffer overflow
  from 0, < 2.26.3-16
• —CVE-2014-0978graphviz - buffer overflow
  from 0, < 2.26.3-5+squeeze2
• —CVE-2014-1236Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impa…
  from 0, < 2.26.3-16.1
• —CVE-2009-3736libtool - privilege escalation
  from 0, < 2.26.3-14
• —CVE-2008-4555Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, a…
  from 0, < 2.20.2-3
• —CVE-2005-4803graphviz - insecure temporary file
  from 0, < 2.2.1-1sarge1
• —CVE-2005-4803graphviz - insecure temporary file
  from 0, < 2.2.1-1sarge1