GraphViz 2.14.1

CPE Details

GraphViz 2.14.1
graphviz
graphviz
2.14.1
2021-05-17
17h45 +00:00
2021-05-18
17h26 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:graphviz:graphviz:2.14.1:*:*:*:*:*:*:*

Informations

Vendor

graphviz

Product

graphviz

Version

2.14.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-18032 2021-04-29 15h20 +00:00 Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
7.8
High
CVE-2014-9157 2014-12-03 20h00 +00:00 Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
7.5
CVE-2008-4555 2008-10-14 18h00 +00:00 Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements.
8.5