Search for packages
Package details: pkg:deb/debian/graphviz@2.20.2-3
purl pkg:deb/debian/graphviz@2.20.2-3
Next non-vulnerable version 2.42.4-3
Latest non-vulnerable version 2.42.4-3
Risk 4.5
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-6s5b-bjgh-aaas
Aliases:
CVE-2018-10196
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
2.40.1-6+deb10u1
Affected by 2 other vulnerabilities.
VCID-eyru-akun-aaaa
Aliases:
CVE-2020-18032
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
2.40.1-6+deb10u1
Affected by 2 other vulnerabilities.
2.42.2-5+deb11u1
Affected by 1 other vulnerability.
VCID-fea2-sbqr-aaaa
Aliases:
CVE-2014-1236
Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list."
2.26.3-14+deb7u2
Affected by 6 other vulnerabilities.
2.38.0-7
Affected by 2 other vulnerabilities.
VCID-kdf2-e615-aaaj
Aliases:
CVE-2009-3736
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
2.26.3-14+deb7u2
Affected by 6 other vulnerabilities.
VCID-qvcm-vzm8-aaab
Aliases:
CVE-2014-9157
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
2.26.3-14+deb7u2
Affected by 6 other vulnerabilities.
2.38.0-7
Affected by 2 other vulnerabilities.
VCID-uc55-jdgf-aaaa
Aliases:
CVE-2014-0978
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.
2.26.3-14+deb7u2
Affected by 6 other vulnerabilities.
2.38.0-7
Affected by 2 other vulnerabilities.
VCID-us9k-2tn2-aaag
Aliases:
CVE-2014-1235
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.
2.38.0-7
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-a41g-bu5m-aaah Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements. CVE-2008-4555

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:07:40.935590+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:22:24.674700+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:02:24.806516+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:55:44.406480+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:28:24.488123+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:21:31.998406+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:36:12.396161+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:32:09.196067+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:28:16.630124+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:11:00.127584+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T09:23:13.540954+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:19:19.199202+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:15:32.988169+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-20T23:40:31.273248+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah None 36.1.3
2025-06-20T22:48:00.704698+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.1.3
2025-06-20T22:31:05.131214+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.1.3
2025-06-20T21:21:53.007045+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag None 36.1.3
2025-06-20T21:08:07.522790+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj None 36.1.3
2025-06-20T20:38:40.955076+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa None 36.1.3
2025-06-20T19:34:09.252146+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa None 36.1.3
2025-06-20T19:29:50.408514+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab None 36.1.3
2025-06-08T13:18:12.781605+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:20:23.943787+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:36:44.024351+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:53:11.011416+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:47:27.262240+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:40:52.202877+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:22:57.514967+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:15:47.341568+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:29:19.290120+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:31:06.953783+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:28:37.719163+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:16:59.684050+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T03:11:06.180557+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:07:09.644551+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:03:15.606072+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-07T17:03:27.286258+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah None 36.1.0
2025-06-07T16:11:54.085131+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.1.0
2025-06-07T15:55:12.508774+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.1.0
2025-06-07T14:45:04.985470+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag None 36.1.0
2025-06-07T14:33:33.794527+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj None 36.1.0
2025-06-07T14:11:17.692613+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa None 36.1.0
2025-06-07T13:30:05.290923+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa None 36.1.0
2025-06-07T13:26:46.423434+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab None 36.1.0
2025-06-03T13:26:03.253218+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab None 36.1.2
2025-04-12T21:56:19.948137+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:49:50.994181+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:14:44.158131+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:05:40.175271+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:06:15.069354+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:06:20.766177+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:21:16.933148+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:35:37.780440+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:19:45.084822+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:13:17.050872+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:54:18.385988+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:47:22.762707+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:02:07.444652+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:02:26.775739+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:59:50.813529+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:48:02.654221+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T01:38:30.888372+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:34:23.447162+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:30:24.041901+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-07T15:36:46.399079+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah None 36.0.0
2025-04-07T14:43:17.791299+00:00 Debian Oval Importer Affected by VCID-6s5b-bjgh-aaas None 36.0.0
2025-04-07T14:26:11.798479+00:00 Debian Oval Importer Affected by VCID-eyru-akun-aaaa None 36.0.0
2025-04-07T13:17:05.667554+00:00 Debian Oval Importer Affected by VCID-us9k-2tn2-aaag None 36.0.0
2025-04-07T13:05:37.075146+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj None 36.0.0
2025-04-07T12:44:34.341729+00:00 Debian Oval Importer Affected by VCID-fea2-sbqr-aaaa None 36.0.0
2025-04-07T12:05:32.068918+00:00 Debian Oval Importer Affected by VCID-uc55-jdgf-aaaa None 36.0.0
2025-04-07T12:02:18.219307+00:00 Debian Oval Importer Affected by VCID-qvcm-vzm8-aaab None 36.0.0
2024-11-27T09:54:16.563050+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T19:06:11.933660+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T05:23:46.136173+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T19:16:47.715138+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T20:38:20.034703+00:00 Debian Oval Importer Affected by VCID-kdf2-e615-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T17:01:38.609340+00:00 Debian Oval Importer Fixing VCID-a41g-bu5m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1