VulnerableCode Package Details - pkg:deb/debian/graphviz@2.26.3-14%2Bdeb7u2

Search for packages

Package details: pkg:deb/debian/graphviz@2.26.3-14%2Bdeb7u2

Essentials
History (11)

purl	pkg:deb/debian/graphviz@2.26.3-14%2Bdeb7u2

Next non-vulnerable version	2.42.4-3
Latest non-vulnerable version	2.42.4-3
Risk	3.5

Vulnerabilities affecting this package (6)

Vulnerability	Summary	Fixed by
VCID-1b23-5w2s-fkc2 Aliases: CVE-2014-1236		2.38.0-7 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hjv4-7a84-yubw Aliases: CVE-2014-1235		2.38.0-7 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-k7h5-kena-u3e1 Aliases: CVE-2014-9157		2.38.0-7 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-q1x2-r9y8-7kh3 Aliases: CVE-2018-10196	NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.	2.40.1-6+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-vekw-ewkt-r3eq Aliases: CVE-2020-18032	Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.	2.40.1-6+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.42.2-5+deb11u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-wjn4-kajf-4ygv Aliases: CVE-2014-0978		2.38.0-7 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (4)

Vulnerability	Summary	Aliases
VCID-1b23-5w2s-fkc2		CVE-2014-1236
VCID-addv-ycrj-s7fj	libtool: libltdl may load and execute code from a library in the current directory	CVE-2009-3736
VCID-k7h5-kena-u3e1		CVE-2014-9157
VCID-wjn4-kajf-4ygv		CVE-2014-0978

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T17:48:42.166994+00:00	Debian Oval Importer	Affected by	VCID-q1x2-r9y8-7kh3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:02:22.022749+00:00	Debian Oval Importer	Affected by	VCID-hjv4-7a84-yubw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:50:12.409147+00:00	Debian Oval Importer	Fixing	VCID-addv-ycrj-s7fj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:31:12.007928+00:00	Debian Oval Importer	Affected by	VCID-k7h5-kena-u3e1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:10:40.983687+00:00	Debian Oval Importer	Affected by	VCID-vekw-ewkt-r3eq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:11:06.340704+00:00	Debian Oval Importer	Affected by	VCID-wjn4-kajf-4ygv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:10:33.411229+00:00	Debian Oval Importer	Affected by	VCID-1b23-5w2s-fkc2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T11:41:40.203491+00:00	Debian Oval Importer	Affected by	VCID-vekw-ewkt-r3eq	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0
2025-08-01T09:44:47.811861+00:00	Debian Oval Importer	Fixing	VCID-wjn4-kajf-4ygv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:40:39.437374+00:00	Debian Oval Importer	Fixing	VCID-1b23-5w2s-fkc2	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:36:50.535990+00:00	Debian Oval Importer	Fixing	VCID-k7h5-kena-u3e1	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0