Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a “badly formed number” and a “long digit list.”
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | graphviz | < 2.26.3-16.1 | graphviz_2.26.3-16.1_all.deb |
Debian | 11 | all | graphviz | < 2.26.3-16.1 | graphviz_2.26.3-16.1_all.deb |
Debian | 10 | all | graphviz | < 2.26.3-16.1 | graphviz_2.26.3-16.1_all.deb |
Debian | 999 | all | graphviz | < 2.26.3-16.1 | graphviz_2.26.3-16.1_all.deb |
Debian | 13 | all | graphviz | < 2.26.3-16.1 | graphviz_2.26.3-16.1_all.deb |