Skip to content

[automatic] Publish 1 advisory for Graphviz_jll#506

Open
jlsec-bot wants to merge 1 commit into
JuliaLang:mainfrom
jlsec-bot:Graphviz_jll
Open

[automatic] Publish 1 advisory for Graphviz_jll#506
jlsec-bot wants to merge 1 commit into
JuliaLang:mainfrom
jlsec-bot:Graphviz_jll

Conversation

@jlsec-bot

Copy link
Copy Markdown
Contributor

This action searched 39 packages for advisories that pertain here. It identified 1 advisory as being related to the Julia package(s): Graphviz_jll.

⚠ There are 1 advisories with unbounded vulnerabilities

The publication of unbounded advisories is significantly more impactful and, if at all possible, should be addressed in the packages directly

1 advisories affect artifacts provided by Graphviz_jll

These identifications depend upon accurately tracked artifact metadata in GeneralMetadata.jl. Packages are only listed as affected if they have such tracking, and the vulnerable status (and version numbers themselves) are highly dependent on the accuracy of this metadata. Improvements can be made directly to GeneralMetadata.jl; it is automatically populated on a best-effort basis and manual edits are preserved.

Package and upstream project information

Advisory summaries

  • JLSEC-0000-CVE-2023-46045 (from: CVE-2023-46045) for upstream project(s):
    • graphviz:graphviz at versions: >= 2.36.0, < 10.0.0, mapping to
      • Graphviz_jll at versions: *

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants