CVE-2014-1236

2014-01-1015:55:00

Debian Security Bug Tracker

security-tracker.debian.org

0.034 Low

EPSS

Percentile

91.4%

JSON

Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a “badly formed number” and a “long digit list.”

OSVersionArchitecturePackageVersionFilename
Debian12allgraphviz< 2.26.3-16.1graphviz_2.26.3-16.1_all.deb
Debian11allgraphviz< 2.26.3-16.1graphviz_2.26.3-16.1_all.deb
Debian10allgraphviz< 2.26.3-16.1graphviz_2.26.3-16.1_all.deb
Debian999allgraphviz< 2.26.3-16.1graphviz_2.26.3-16.1_all.deb
Debian13allgraphviz< 2.26.3-16.1graphviz_2.26.3-16.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	graphviz	< 2.26.3-16.1	graphviz_2.26.3-16.1_all.deb
Debian	11	all	graphviz	< 2.26.3-16.1	graphviz_2.26.3-16.1_all.deb
Debian	10	all	graphviz	< 2.26.3-16.1	graphviz_2.26.3-16.1_all.deb
Debian	999	all	graphviz	< 2.26.3-16.1	graphviz_2.26.3-16.1_all.deb
Debian	13	all	graphviz	< 2.26.3-16.1	graphviz_2.26.3-16.1_all.deb

0.034 Low

EPSS

Percentile

91.4%

JSON

Related for DEBIANCVE:CVE-2014-1236