Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2023-46045

Published: 02/02/2024 Updated: 21/03/2024
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Graphviz

Vulnerability Summary

Graphviz 2.36.0 up to and including 9.x prior to 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.

Vulnerable Product Search on Vulmon Subscribe to Product

graphviz graphviz

Mailing Lists

Full Disclosure: Re: Buffer Overflow in graphviz via via a crafted config6a file
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: Buffer Overflow in graphviz via via a crafted config6a file <!--X-Subject-Header-End--> <!--X-Head-of-Message--> ...

References

CWE-125https://gitlab.com/graphviz/graphviz/-/issues/2441https://seclists.org/fulldisclosure/2024/Jan/73https://www.openwall.com/lists/oss-security/2024/02/01/2http://seclists.org/fulldisclosure/2024/Feb/24https://seclists.org/fulldisclosure/2024/Feb/24https://nvd.nist.govhttps://seclists.org/fulldisclosure/2024/Jan/73
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook