graphviz is vulnerable to remote code execution. An attacker is able to exploit the vulnerability by loading a malicious file into the lib/common/shapes.c
component.
gitlab.com/graphviz/graphviz/-/issues/1700
lists.debian.org/debian-lts-announce/2021/05/msg00014.html
lists.fedoraproject.org/archives/list/[email protected]/message/D5PQPHJHPU46FK3R5XBP3XDT4X37HMPC/
lists.fedoraproject.org/archives/list/[email protected]/message/QGY2IGARE6RZHTF2UEZEWLMQCDILFK6A/
security-tracker.debian.org/tracker/CVE-2020-18032
security.gentoo.org/glsa/202107-04
www.debian.org/security/2021/dsa-4914