Search for packages
Package details: pkg:deb/debian/graphviz@2.2.1-1sarge1
purl pkg:deb/debian/graphviz@2.2.1-1sarge1
Next non-vulnerable version 2.42.4-3
Latest non-vulnerable version 2.42.4-3
Risk 4.5
Vulnerabilities affecting this package (8)
Vulnerability Summary Fixed by
VCID-6s5b-bjgh-aaas
Aliases:
CVE-2018-10196
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
2.40.1-6+deb10u1
Affected by 2 other vulnerabilities.
VCID-a41g-bu5m-aaah
Aliases:
CVE-2008-4555
Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements.
2.20.2-3
Affected by 7 other vulnerabilities.
VCID-eyru-akun-aaaa
Aliases:
CVE-2020-18032
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
2.40.1-6+deb10u1
Affected by 2 other vulnerabilities.
2.42.2-5+deb11u1
Affected by 1 other vulnerability.
VCID-fea2-sbqr-aaaa
Aliases:
CVE-2014-1236
Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list."
2.26.3-14+deb7u2
Affected by 6 other vulnerabilities.
2.38.0-7
Affected by 2 other vulnerabilities.
VCID-kdf2-e615-aaaj
Aliases:
CVE-2009-3736
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
2.26.3-14+deb7u2
Affected by 6 other vulnerabilities.
VCID-qvcm-vzm8-aaab
Aliases:
CVE-2014-9157
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
2.26.3-14+deb7u2
Affected by 6 other vulnerabilities.
2.38.0-7
Affected by 2 other vulnerabilities.
VCID-uc55-jdgf-aaaa
Aliases:
CVE-2014-0978
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.
2.26.3-14+deb7u2
Affected by 6 other vulnerabilities.
2.38.0-7
Affected by 2 other vulnerabilities.
VCID-us9k-2tn2-aaag
Aliases:
CVE-2014-1235
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.
2.38.0-7
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-4959-suac-aaak graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issues. This is the correct identifier. CVE-2005-4803

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:07:40.930116+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:22:24.667596+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:02:24.800460+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:55:44.400311+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:47:37.294637+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:28:24.481349+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:21:31.992145+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:36:12.388957+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:32:09.189716+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:28:16.623986+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:11:00.120735+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T09:23:13.534225+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:19:19.192104+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:15:32.980334+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-20T23:40:31.266651+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah None 36.1.3
2025-06-20T22:48:00.698249+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.1.3
2025-06-20T22:31:05.126060+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.1.3
2025-06-20T21:21:53.002302+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag None 36.1.3
2025-06-20T21:08:07.516392+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj None 36.1.3
2025-06-20T21:01:25.343381+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak None 36.1.3
2025-06-20T20:38:40.950076+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa None 36.1.3
2025-06-20T19:34:09.246656+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa None 36.1.3
2025-06-20T19:29:50.401299+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab None 36.1.3
2025-06-08T13:18:12.776969+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:54:05.683299+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:20:23.939211+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:36:44.018293+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:53:11.006183+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:47:27.257554+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:40:52.198305+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:41:02.130531+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:22:57.509506+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:15:47.336930+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:29:19.285467+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:31:06.948355+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:28:37.714598+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:16:59.678485+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T03:11:06.174641+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:07:09.639334+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:03:15.600815+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-07T17:03:27.281215+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah None 36.1.0
2025-06-07T16:11:54.080332+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.1.0
2025-06-07T15:55:12.503322+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.1.0
2025-06-07T14:45:04.980339+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag None 36.1.0
2025-06-07T14:33:33.788971+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj None 36.1.0
2025-06-07T14:28:27.377595+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak None 36.1.0
2025-06-07T14:11:17.688069+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa None 36.1.0
2025-06-07T13:30:05.286263+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa None 36.1.0
2025-06-07T13:26:46.417888+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab None 36.1.0
2025-06-03T13:26:03.248456+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab None 36.1.2
2025-04-12T21:56:19.932840+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:49:50.977990+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:14:44.143150+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:05:40.160526+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:06:15.054560+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:41:15.400177+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:06:20.751159+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:21:16.917943+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:35:37.765713+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:19:45.067286+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:13:17.035004+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:12:30.106008+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:54:18.370971+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:47:22.749989+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:02:07.429202+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:02:26.760946+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:59:50.800114+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:48:02.639376+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T01:38:30.873344+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:34:23.432072+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:30:24.027075+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-07T15:36:46.384345+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah None 36.0.0
2025-04-07T14:43:17.775079+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.0.0
2025-04-07T14:26:11.782146+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.0.0
2025-04-07T13:17:05.651330+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag None 36.0.0
2025-04-07T13:05:37.060824+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj None 36.0.0
2025-04-07T13:00:44.836923+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak None 36.0.0
2025-04-07T12:44:34.325714+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa None 36.0.0
2025-04-07T12:05:32.052579+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa None 36.0.0
2025-04-07T12:02:18.203204+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab None 36.0.0
2024-11-27T09:54:16.547803+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T19:06:11.917894+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-25T13:22:04.337852+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T05:23:46.119481+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T19:16:47.700204+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-11T23:39:22.967285+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T20:38:20.018337+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T17:01:38.587722+00:00 Debian Oval Importer Affected by VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T11:35:50.567437+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-02-07T20:51:02.400470+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.0rc2
2024-02-07T20:51:01.550803+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 34.0.0rc2
2024-02-07T20:25:14.692068+00:00 Debian Oval Importer Fixing VCID-4959-suac-aaak None 34.0.0rc2