Advisories ยป MGASA-2021-0228

Updated graphviz packages fix a security vulnerability

Publication date: 08 Jun 2021
Type: security
Affected Mageia releases : 7 , 8
CVE: CVE-2020-18032

Description

Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. (CVE-2020-18032)
                

References

SRPMS

7/core

8/core