Vulnerability CVE-2020-18032

Vulnerability Name:

CVE-2020-18032 (CCN-201066)

Assigned:

2020-08-13

Published:

2020-08-13

Updated:

2022-05-13

Summary:

Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

7.8 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-120
CWE-193

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2020-18032

Source: XF
Type: UNKNOWN
graphviz-cve202018032-bo(201066)

Source: CCN
Type: GitLab Web site
heap-over-flow(off-by-null) in lib/common/shapes.c

Source: MISC
Type: Exploit, Patch, Third Party Advisory
https://gitlab.com/graphviz/graphviz/-/issues/1700

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210513 [SECURITY] [DLA 2659-1] graphviz security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-5fb7be1fbf

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-ede783f2b6

Source: GENTOO
Type: Issue Tracking, Third Party Advisory
GLSA-202107-04

Source: DEBIAN
Type: Third Party Advisory
DSA-4914

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2020-18032

Vulnerable Configuration:

Configuration 1:

cpe:/a:graphviz:graphviz:*:*:*:*:*:*:*:* (Version < 2.46.0)

Configuration 2:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:graphviz:graphviz:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8027	P	junit-4.13.2-150200.3.8.1 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7465	P	conntrack-tools-1.4.5-1.46 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7954	P	libout123-0-1.26.4-1.15 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51562	P	Security update for dpkg (Low)	2022-11-18
oval:org.opensuse.security:def:699	P	Security update for podman (Important)	2022-08-17
oval:org.opensuse.security:def:3413	P	yast2-users-3.2.19-1.16 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3600	P	libgraphite2-3-1.3.1-10.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94525	P	cpp7-7.5.0+r278197-4.30.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94887	P	avahi-autoipd-0.8-150400.5.73 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95240	P	Security update for patch (Moderate)	2022-06-02
oval:org.opensuse.security:def:101600	P	Security update for python-pip (Moderate)	2022-04-28
oval:org.opensuse.security:def:6012	P	Security update for the Linux Kernel (Important)	2022-04-19
oval:org.opensuse.security:def:101953	P	Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP3) (Important)	2022-04-14
oval:org.opensuse.security:def:4549	P	Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP5) (Important)	2021-12-14
oval:com.redhat.rhsa:def:20214256	P	RHSA-2021:4256: graphviz security update (Moderate)	2021-11-09
oval:org.opensuse.security:def:4478	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2021-08-17
oval:org.opensuse.security:def:101238	P	texlive-collection-basic-2017.135.svn41616-9.12.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:99659	P	(Important)	2021-07-15
oval:org.opensuse.security:def:111546	P	Security update for graphviz (Critical)	2021-07-10
oval:org.opensuse.security:def:99967	P	(Important)	2021-06-23
oval:org.opensuse.security:def:111392	P	Security update for graphviz (Critical)	2021-05-22
oval:org.opensuse.security:def:32094	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:76169	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:92510	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:23901	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:10082	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:69850	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:98871	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:109224	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:8382	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:67101	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:86558	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:125094	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:96957	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:7420	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:59731	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:82571	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:4273	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:34434	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:55900	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:93214	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:102858	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:30197	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:74635	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:91921	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:19562	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:9328	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:69116	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:89128	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:107904	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:8251	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:65567	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:84599	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:118309	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:57917	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:95845	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:32919	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:92709	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:26052	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:10261	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:70222	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:99066	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:109391	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:8583	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:68509	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:87383	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:125534	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:60257	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:83284	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:5039	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:56020	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:101430	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:31175	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:74706	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:92116	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:19605	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:9511	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:69468	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:89386	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:108266	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:8317	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:65638	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:85639	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:118487	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:5692	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:58742	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:96035	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:1464	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:33650	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:51889	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:92908	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:102558	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:29364	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:73624	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:70401	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:99261	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:109524	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:8760	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:68554	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:88117	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:126704	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:64502	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:83404	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:117419	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:56998	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:101776	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:31622	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:75849	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:92311	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:23574	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:9710	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:69651	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:98823	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:108619	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:8358	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:66781	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:86086	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:118620	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:59473	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:96168	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:1604	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:33908	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:55187	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:93061	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:102725	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:30077	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:73811	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:91873	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:99460	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:19514	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:8955	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:69043	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:88429	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:127101	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:64689	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:84142	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:117780	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:57445	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:102284	P	Security update for graphviz (Critical)	2021-05-19

BACK