MidnightBSD

Advisories for fig2dev_project

CVE-2018-16140 MEDIUM

A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
fig2dev_project fig2dev 3.2.7a
CVE-2019-19746 MEDIUM

make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,CWE-787,

Products Affected

Vendor Product Version
fedoraproject fedora 32
fig2dev_project fig2dev 3.2.7b
fedoraproject fedora 31
CVE-2020-21675 MEDIUM

A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.7b
debian debian_linux 9.0
CVE-2020-21676 MEDIUM

A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.7b
debian debian_linux 9.0
debian debian_linux 10.0
CVE-2020-21678 MEDIUM

A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.7b
CVE-2020-21680 MEDIUM

A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.7b
CVE-2020-21681 MEDIUM

A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.7b
CVE-2020-21682 MEDIUM

A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.7b
CVE-2020-21683 MEDIUM

A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.7b
CVE-2020-21684 MEDIUM

A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.7b
CVE-2021-3561 MEDIUM

An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 1.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-787,

Products Affected

Vendor Product Version
fedoraproject fedora 34
fedoraproject fedora 33
fig2dev_project fig2dev 3.2.8
debian debian_linux 9.0
CVE-2021-37529 MEDIUM

A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-415,

Products Affected

Vendor Product Version
debian debian_linux 11.0
debian debian_linux 9.0
fig2dev_project fig2dev *
debian debian_linux 10.0
CVE-2021-37530 MEDIUM

A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 11.0
debian debian_linux 9.0
fig2dev_project fig2dev *
debian debian_linux 10.0
CVE-2025-31162

Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
74b3a70d-cca6-4d34-9789-e83b222ae3be 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.9a
CVE-2025-31163

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
74b3a70d-cca6-4d34-9789-e83b222ae3be 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.9a
CVE-2025-31164

heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via  create_line_with_spline.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
74b3a70d-cca6-4d34-9789-e83b222ae3be 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.9a
CVE-2025-46397

A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N 1.0 3.6

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.9a
redhat enterprise_linux 6.0
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
redhat enterprise_linux 9.0
CVE-2025-46398

In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N 1.0 3.6

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.9a
redhat enterprise_linux 6.0
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
CVE-2025-46399

A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N 1.0 3.6

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.9a
redhat enterprise_linux 6.0
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
redhat enterprise_linux 9.0
CVE-2025-46400

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N 1.0 3.6

Products Affected

Vendor Product Version
fig2dev_project fig2dev 3.2.9a
redhat enterprise_linux 6.0
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
redhat enterprise_linux 9.0