MidnightBSD

Advisories for graphviz

CVE-2005-4803 LOW

graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issues. This is the correct identifier.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
graphviz graphviz 1.8.5.1
graphviz graphviz 1.8.5.2
graphviz graphviz 1.7.5_0.1
graphviz graphviz 1.5.3
graphviz graphviz 1.7.5.5
graphviz graphviz 1.16.1
graphviz graphviz 1.7.5.2
graphviz graphviz 1.7.5.1
graphviz graphviz 1.7.5.7
graphviz graphviz 1.14.1
graphviz graphviz 1.7.5_0.3
graphviz graphviz 1.7.16.2
graphviz graphviz 1.5.2
graphviz graphviz 1.7.5.6
graphviz graphviz 1.12.1
graphviz graphviz *
graphviz graphviz 1.7.5.3
graphviz graphviz 1.5.1
graphviz graphviz 1.8.9.1
graphviz graphviz 1.7.16.1
graphviz graphviz 1.10_2003-09-15_0415_1
graphviz graphviz 1.12.2
graphviz graphviz 1.12.3
graphviz graphviz 1.7.5.4
graphviz graphviz 1.7.5_0.2
graphviz graphviz 1.10_2003-09-15_0415_2

CVE-2014-0978 HIGH

Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
graphviz graphviz 2.34.0

CVE-2014-1235 MEDIUM

Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
graphviz graphviz 2.34.0

CVE-2014-1236 HIGH

Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
graphviz graphviz 2.34.0

CVE-2014-9157 HIGH

Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-134

Products Affected

Vendor Product Version
graphviz graphviz *
debian debian_linux 7.0
debian debian_linux 8.0

CVE-2018-10196 MEDIUM

NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476

Products Affected

Vendor Product Version
graphviz graphviz 2.40.1
fedoraproject fedora 27
canonical ubuntu_linux 14.04
canonical ubuntu_linux 18.04
fedoraproject fedora 28
canonical ubuntu_linux 16.04

CVE-2019-11023 MEDIUM

The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476

Products Affected

Vendor Product Version
graphviz graphviz 2.39.20160612.1140

CVE-2019-9904 MEDIUM

An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption occurs because of recursive agclose calls in lib\cgraph\graph.c in libcgraph.a, related to agfstsubg in lib\cgraph\subg.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-674

Products Affected

Vendor Product Version
graphviz graphviz 2.40.1

CVE-2020-18032 MEDIUM

Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
fedoraproject fedora 34
graphviz graphviz *
fedoraproject fedora 33

CVE-2023-46045

Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
graphviz graphviz *