CVE-2023-46045

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 2, 2024

Updated: Mar 21, 2024

CWE ID 125

Summary

CVE-2023-46045 is a vulnerability affecting Graphviz versions 2.36.0 through 9.x, prior to 10.0.1. This issue involves an out-of-bounds read, which can be triggered by a specially crafted config6a file. The significance of this vulnerability lies in its potential to read memory beyond authorized bounds, leading to potential security risks. However, exploitation may be uncommon due to the fact that this file is typically owned by the root user.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Graphviz

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tBy9uB
https://www.cve.org/CVERecord?id=CVE-2023-46045
https://nvd.nist.gov/vuln/detail/CVE-2023-46045

Back to Vulnerability Database

CVE-2023-46045

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations