CVE-2019-11023
08.04.2019, 23:29
The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| graphviz | graphviz | 2.39.20160612.1140 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| graphviz |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| graphviz |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| graphviz-devel |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| graphviz-gd |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| graphviz-plugins-core |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| libgraphviz6 |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| graphviz |
| ||
| graphviz-R |
| ||
| graphviz-debuginfo |
| ||
| graphviz-devel |
| ||
| graphviz-doc |
| ||
| graphviz-gd |
| ||
| graphviz-graphs |
| ||
| graphviz-guile |
| ||
| graphviz-java |
| ||
| graphviz-lua |
| ||
| graphviz-perl |
| ||
| graphviz-php54 |
| ||
| graphviz-python26 |
| ||
| graphviz-python27 |
| ||
| graphviz-ruby |
| ||
| graphviz-tcl |
|
Common Weakness Enumeration
References