Vulnerabilities (CVE)

Filtered by vendor Graphviz Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-18032	3 Debian, Fedoraproject, Graphviz	3 Debian Linux, Fedora, Graphviz	2022-05-13	6.8 MEDIUM	7.8 HIGH
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
CVE-2019-11023	1 Graphviz	1 Graphviz	2020-06-30	6.8 MEDIUM	8.8 HIGH
The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.
CVE-2014-1235	1 Graphviz	1 Graphviz	2017-08-29	6.8 MEDIUM	7.8 HIGH
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.