rpm package
suse/graphviz&distro=SUSE Linux Enterprise Module for Basesystem 15 SP2
pkg:rpm/suse/graphviz&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-18032 | — | < 2.40.1-6.9.1 | 2.40.1-6.9.1 | Apr 29, 2021 | Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. | ||
| CVE-2019-11023 | — | < 2.40.1-6.3.2 | 2.40.1-6.3.2 | Apr 8, 2019 | The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv. |
- CVE-2020-18032Apr 29, 2021affected < 2.40.1-6.9.1fixed 2.40.1-6.9.1
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
- CVE-2019-11023Apr 8, 2019affected < 2.40.1-6.3.2fixed 2.40.1-6.3.2
The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.