CVE-2023-46045

Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.
Base Score (CVSS 3.x)

Provider   Type   Base Score   Attack Vector   Attack Complexity   Privileges Required   Vector
NIST       NIST   7.8 HIGH     LOCAL           LOW                 NONE                  CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitre      CNA    ---          ---
CVE        ADP    ---          ---
CISA-ADP   ADP    7.8 HIGH     LOCAL           LOW                 NONE                  CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score: percentile 16%
Vendor     Product    Version
graphviz   graphviz   2.36.0 ≤ x < 10.0.0   (x = vulnerable software versions)
Debian Releases

Debian Product: graphviz

Codename   Version    Status
bullseye              unimportant
bookworm              unimportant
sid        2.42.4-2   fixed
trixie     2.42.4-2   fixed
Ubuntu Releases

Ubuntu Product: graphviz

Codename   Fixed version             Status
oracular                             not-affected
noble                                needs-triage
mantic                               ignored
jammy      2.42.2-6ubuntu0.1+esm1    released
focal      2.42.2-3ubuntu0.1~esm2    released
bionic     2.40.1-2ubuntu0.1~esm2    released
xenial     2.38.0-12ubuntu2.1+esm2   released
trusty     2.36.0-0ubuntu3.2+esm2    released