Описание
Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.
Ссылки
- ExploitIssue Tracking
- Mailing ListThird Party Advisory
- Mailing List
- ExploitIssue Tracking
- Mailing ListThird Party Advisory
- Mailing List
Уязвимые конфигурации
Конфигурация 1Версия от 2.36.0 (включая) до 10.0.0 (исключая)
cpe:2.3:a:graphviz:graphviz:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00066
Низкий
7.8 High
CVSS3
Дефекты
CWE-125
CWE-125
Связанные уязвимости
CVSS3: 7.8
ubuntu
больше 1 года назад
Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.
CVSS3: 7.8
debian
больше 1 года назад
Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read vi ...
EPSS
Процентиль: 21%
0.00066
Низкий
7.8 High
CVSS3
Дефекты
CWE-125
CWE-125