rpm package
suse/graphviz-addons&distro=SUSE Linux Enterprise Module for Development Tools 15 SP1
pkg:rpm/suse/graphviz-addons&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-11023 | — | < 2.40.1-6.3.2 | 2.40.1-6.3.2 | Apr 8, 2019 | The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv. | ||
| CVE-2018-10196 | — | < 2.40.1-6.6.8 | 2.40.1-6.6.8 | May 30, 2018 | NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file. |
- CVE-2019-11023Apr 8, 2019affected < 2.40.1-6.3.2fixed 2.40.1-6.3.2
The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.
- CVE-2018-10196May 30, 2018affected < 2.40.1-6.6.8fixed 2.40.1-6.6.8
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.