VulnerableCode Package Details - pkg:deb/debian/graphviz@2.42.2-7

Search for packages

Package details: pkg:deb/debian/graphviz@2.42.2-7

Essentials
History (1)

purl	pkg:deb/debian/graphviz@2.42.2-7
Tags	Ghost

Next non-vulnerable version	2.42.4-3
Latest non-vulnerable version	2.42.4-3
Risk	3.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-2hc6-pk7m-aaag Aliases: CVE-2023-46045	Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.	2.42.2-8 Affected by 0 other vulnerabilities. 2.42.2-9 Affected by 0 other vulnerabilities. 2.42.4-2 Affected by 0 other vulnerabilities. 2.42.4-3 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-2hc6-pk7m-aaag
Aliases:
CVE-2023-46045

Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.

2.42.2-8
Affected by 0 other vulnerabilities.

2.42.2-9
Affected by 0 other vulnerabilities.

2.42.4-2
Affected by 0 other vulnerabilities.

2.42.4-3
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-04-26T05:49:23.956136+00:00	Debian Importer	Affected by	VCID-2hc6-pk7m-aaag	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4