Lucene search
Veracode Vulnerability DatabaseVERACODE:30408HistoryMay 10, 2021 - 1:52 p.m.
Remote Code Execution (RCE)
2021-05-1013:52:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21
EPSS
0.005
Percentile
77.2%
graphviz is vulnerable to remote code execution. An attacker is able to exploit the vulnerability by loading a malicious file into the lib/common/shapes.c component.
References
gitlab.com/graphviz/graphviz/-/issues/1700
lists.debian.org/debian-lts-announce/2021/05/msg00014.html
lists.fedoraproject.org/archives/list/[email protected]/message/D5PQPHJHPU46FK3R5XBP3XDT4X37HMPC/
lists.fedoraproject.org/archives/list/[email protected]/message/QGY2IGARE6RZHTF2UEZEWLMQCDILFK6A/
security-tracker.debian.org/tracker/CVE-2020-18032
security.gentoo.org/glsa/202107-04
www.debian.org/security/2021/dsa-4914
Related
suse
suse
Security update for graphviz (critical)
2021-05-22 00:00:00
Security update for graphviz (critical)
2021-07-11 00:00:00
nessus
nessus
EulerOS 2.0 SP9 : graphviz (EulerOS-SA-2021-2528)
2021-09-27 00:00:00
EulerOS 2.0 SP8 : graphviz (EulerOS-SA-2021-2296)
2021-08-09 00:00:00
Fedora 34 : graphviz (2021-5fb7be1fbf)
2021-05-27 00:00:00
debian
debian
[SECURITY] [DSA 4914-1] graphviz security update
2021-05-12 20:31:26
[SECURITY] [DLA 2659-1] graphviz security update
2021-05-13 09:05:40
debiancve
debiancve
CVE-2020-18032
2021-04-29 18:15:08
ubuntucve
ubuntucve
CVE-2020-18032
2021-04-29 00:00:00
rocky
rocky
graphviz security update
2021-11-09 08:52:05
cvelist
cvelist
CVE-2020-18032
2021-04-29 17:20:02
almalinux
almalinux
Moderate: graphviz security update
2021-11-09 08:52:05
prion
prion
Buffer overflow
2021-04-29 18:15:00
openvas
openvas
openSUSE: Security Advisory for graphviz (openSUSE-SU-2021:0757-1)
2021-05-24 00:00:00
Fedora: Security Advisory for graphviz (FEDORA-2021-5fb7be1fbf)
2021-05-27 00:00:00
Huawei EulerOS: Security Advisory for graphviz (EulerOS-SA-2021-2552)
2021-09-28 00:00:00
amazon
amazon
Medium: graphviz
2021-07-08 18:38:00
mageia
mageia
Updated graphviz packages fix a security vulnerability
2021-06-08 17:33:02
alpinelinux
alpinelinux
CVE-2020-18032
2021-04-29 18:15:08
cbl_mariner
cbl_mariner
CVE-2020-18032 affecting package graphviz 2.42.4-5
2021-10-05 03:00:57
CVE-2020-18032 affecting package graphviz for versions less than 2.42.4-10
2024-03-19 17:21:46
CVE-2020-18032 affecting package graphviz for versions less than 2.42.4-6
2022-04-26 19:57:46
cve
cve
CVE-2020-18032
2021-04-29 18:15:08
redhat
redhat
(RHSA-2021:4256) Moderate: graphviz security update
2021-11-09 08:52:05
nvd
nvd
CVE-2020-18032
2021-04-29 18:15:08
oraclelinux
oraclelinux
graphviz security update
2021-11-16 00:00:00
osv
osv
Moderate: graphviz security update
2021-11-09 08:52:05
Moderate: graphviz security update
2021-11-09 08:52:05
CVE-2020-18032
2021-04-29 18:15:08
redhatcve
redhatcve
CVE-2020-18032
2021-05-31 19:12:37
fedora
fedora
[SECURITY] Fedora 34 Update: graphviz-2.44.0-18.fc34
2021-05-27 00:33:35
[SECURITY] Fedora 33 Update: graphviz-2.44.0-14.fc33.2
2021-05-27 01:05:26
ubuntu
ubuntu
Graphviz vulnerabilities
2022-02-03 00:00:00
Graphviz vulnerabilities
2023-03-24 00:00:00
cloudfoundry
cloudfoundry
USN-5971-1: Graphviz vulnerabilities | Cloud Foundry
2023-05-25 00:00:00