Note:
This project will be discontinued after December 13, 2021. [more]
2018-05-30
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
Products | Ubuntu_linux, Fedora, Graphviz |
Type | NULL Pointer Dereference (CWE-476) |
First patch | - None (likely due to unavailable code) |
Links |
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TWUEEJPMS5LAROYJYY6FREOTI6VPN3M4/
• https://gitlab.com/graphviz/graphviz/issues/1367 • https://bugzilla.redhat.com/show_bug.cgi?id=1579254 • https://lists.debian.org/debian-lts-announce/2021/05/msg00014.html • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VR2CT3LD52GWAQUZAOSEXSYE3O7HGN/ |