Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-46045

Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.

Published

2024-02-02T06:15:45.123

Last Modified

2025-05-15T20:15:27.337

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses
  • Type: Primary
    CWE-125
  • Type: Secondary
    CWE-125
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application graphviz graphviz < 10.0.0 Yes
References