Graphviz: >> Graphviz >> 2.22.0 Security Vulnerabilities
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
CVSS Score
7.8
EPSS Score
0.005
Published
2021-04-29
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
CVSS Score
7.5
EPSS Score
0.019
Published
2014-12-03