MGASA-2018-0307

Source
https://advisories.mageia.org/MGASA-2018-0307.html
Import Source
https://advisories.mageia.org/MGASA-2018-0307.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2018-0307
Related
Published
2018-07-11T21:07:50Z
Modified
2018-07-11T20:32:34Z
Summary
Updated graphviz packages fix security vulnerability
Details

NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file. (CVE-2018-10196)

References
Credits

Affected packages

Mageia:6 / graphviz

Package

Name
graphviz
Purl
pkg:rpm/mageia/graphviz?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.38.0-20.1.mga6

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / graphviz

Package

Name
graphviz
Purl
pkg:rpm/mageia/graphviz?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.38.0-10.1.mga5

Ecosystem specific

{
    "section": "core"
}