Search for packages
Package details: pkg:deb/debian/graphviz@2.38.0-7
purl pkg:deb/debian/graphviz@2.38.0-7
Next non-vulnerable version 2.42.4-3
Latest non-vulnerable version 2.42.4-3
Risk 3.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-6s5b-bjgh-aaas
Aliases:
CVE-2018-10196
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
2.40.1-6+deb10u1
Affected by 2 other vulnerabilities.
VCID-eyru-akun-aaaa
Aliases:
CVE-2020-18032
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
2.40.1-6+deb10u1
Affected by 2 other vulnerabilities.
2.42.2-5+deb11u1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-fea2-sbqr-aaaa Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list." CVE-2014-1236
VCID-qvcm-vzm8-aaab Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string. CVE-2014-9157
VCID-uc55-jdgf-aaaa Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. CVE-2014-0978
VCID-us9k-2tn2-aaag Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978. CVE-2014-1235

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:07:40.943910+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:22:24.683549+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T16:55:44.415552+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:28:24.497302+00:00 Debian Oval Importer Fixing VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:21:32.007240+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:36:12.405082+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:32:09.207059+00:00 Debian Oval Importer Fixing VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:11:00.135766+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-20T22:48:00.713180+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.1.3
2025-06-20T22:31:05.139919+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.1.3
2025-06-20T21:44:10.458671+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa None 36.1.3
2025-06-20T21:21:53.013150+00:00 Debian Oval Importer Fixing VCID-us9k-2tn2-aaag None 36.1.3
2025-06-20T20:38:40.961989+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa None 36.1.3
2025-06-20T19:51:00.806053+00:00 Debian Oval Importer Fixing VCID-qvcm-vzm8-aaab None 36.1.3
2025-06-08T13:18:12.789507+00:00 Debian Oval Importer Fixing VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:20:23.949893+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:36:44.030710+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:53:11.017780+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:40:52.208916+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:22:57.522340+00:00 Debian Oval Importer Fixing VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:15:47.347709+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:29:19.296154+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:31:06.961087+00:00 Debian Oval Importer Fixing VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:16:59.691386+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T16:11:54.091217+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.1.0
2025-06-07T15:55:12.515996+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.1.0
2025-06-07T15:07:07.019095+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa None 36.1.0
2025-06-07T14:45:04.991752+00:00 Debian Oval Importer Fixing VCID-us9k-2tn2-aaag None 36.1.0
2025-06-07T14:11:17.699941+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa None 36.1.0
2025-06-07T13:42:24.983607+00:00 Debian Oval Importer Fixing VCID-qvcm-vzm8-aaab None 36.1.0
2025-04-12T20:49:51.015165+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:14:44.178120+00:00 Debian Oval Importer Fixing VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:06:15.089414+00:00 Debian Oval Importer Fixing VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:06:20.786007+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:21:16.953640+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:35:37.799835+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:13:17.071964+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:54:18.405975+00:00 Debian Oval Importer Fixing VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:47:22.780600+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:02:07.464719+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:02:26.795318+00:00 Debian Oval Importer Fixing VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:48:02.674094+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T14:43:17.813221+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.0.0
2025-04-07T14:26:11.819926+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.0.0
2025-04-07T13:38:52.790179+00:00 Debian Oval Importer Fixing VCID-uc55-jdgf-aaaa None 36.0.0
2025-04-07T13:17:05.689132+00:00 Debian Oval Importer Fixing VCID-us9k-2tn2-aaag None 36.0.0
2025-04-07T12:44:34.363188+00:00 Debian Oval Importer Fixing VCID-fea2-sbqr-aaaa None 36.0.0
2025-04-07T12:17:43.527626+00:00 Debian Oval Importer Fixing VCID-qvcm-vzm8-aaab None 36.0.0