Lucene search
UbuntuUSN-6708-1HistoryMar 21, 2024 - 12:00 a.m.
Graphviz vulnerability
2024-03-2100:00:00
ubuntu.com
24
graphviz
ubuntu
packages
denial of service
config6a files
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.9%
Releases
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Packages
- graphviz - rich set of graph drawing tools
Details
It was discovered that Graphviz incorrectly handled certain config6a files.
An attacker could possibly use this issue to cause a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 22.04 | noarch | graphviz | < 2.42.2-6ubuntu0.1~esm1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | graphviz | < 2.42.2-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | graphviz-dbgsym | < 2.42.2-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | graphviz-doc | < 2.42.2-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libcdt5 | < 2.42.2-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libcdt5-dbgsym | < 2.42.2-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libcgraph6 | < 2.42.2-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libcgraph6-dbgsym | < 2.42.2-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libgraphviz-dev | < 2.42.2-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libgv-guile | < 2.42.2-6ubuntu0.1 | UNKNOWN |
References
Related
openvas
openvas
Huawei EulerOS: Security Advisory for graphviz (EulerOS-SA-2024-1508)
2024-04-08 00:00:00
Huawei EulerOS: Security Advisory for graphviz (EulerOS-SA-2024-1487)
2024-04-08 00:00:00
Ubuntu: Security Advisory (USN-6708-1)
2024-03-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-46045 affecting package graphviz for versions less than 2.42.4-10
2024-05-17 05:57:11
veracode
veracode
Denial Of Service
2024-02-02 19:38:42
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Graphviz vulnerability (USN-6708-1)
2024-03-21 00:00:00
EulerOS 2.0 SP9 : graphviz (EulerOS-SA-2024-1487)
2024-04-09 00:00:00
EulerOS 2.0 SP10 : graphviz (EulerOS-SA-2024-1568)
2024-05-09 00:00:00
cvelist
cvelist
CVE-2023-46045
2024-02-02 00:00:00
osv
osv
graphviz vulnerability
2024-03-21 12:20:33
CVE-2023-46045
2024-02-02 06:15:45
alpinelinux
alpinelinux
CVE-2023-46045
2024-02-02 06:15:45
prion
prion
Design/Logic Flaw
2024-02-02 06:15:00
nvd
nvd
CVE-2023-46045
2024-02-02 06:15:45
debiancve
debiancve
CVE-2023-46045
2024-02-02 06:15:45
cgr
cgr
CVE-2023-46045 vulnerabilities
2024-05-19 03:07:16
ubuntucve
ubuntucve
CVE-2023-46045
2024-02-02 00:00:00
wolfi
wolfi
CVE-2023-46045 vulnerabilities
2024-07-02 15:14:03
cve
cve
CVE-2023-46045
2024-02-02 06:15:45
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.9%
Related for USN-6708-1