Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | graphviz | < 2.38.0-7 | graphviz_2.38.0-7_all.deb |
Debian | 11 | all | graphviz | < 2.38.0-7 | graphviz_2.38.0-7_all.deb |
Debian | 10 | all | graphviz | < 2.38.0-7 | graphviz_2.38.0-7_all.deb |
Debian | 999 | all | graphviz | < 2.38.0-7 | graphviz_2.38.0-7_all.deb |
Debian | 13 | all | graphviz | < 2.38.0-7 | graphviz_2.38.0-7_all.deb |