Medium severity6.6NVD Advisory· Published Mar 28, 2025· Updated Jun 17, 2026
CVE-2025-31164
CVE-2025-31164
Description
heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords7 versionspkg:rpm/opensuse/transfig&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/transfig&distro=openSUSE%20Tumbleweedpkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7
< 3.2.9a-150600.3.5.1+ 6 more
- (no CPE)range: < 3.2.9a-150600.3.5.1
- (no CPE)range: < 3.2.9a-2.1
- (no CPE)range: < 3.2.9a-150600.3.5.1
- (no CPE)range: < 3.2.9a-150600.3.5.1
- (no CPE)range: < 3.2.8b-2.23.1
- (no CPE)range: < 3.2.9a-150600.3.5.1
- (no CPE)range: < 3.2.9a-150600.3.5.1
- xfig/fig2devv5Range: 3.2.9a
Patches
Vulnerability mechanics
References
2- sourceforge.net/p/mcj/tickets/184/nvdExploitIssue Tracking
- lists.debian.org/debian-lts-announce/2025/04/msg00030.htmlnvd
News mentions
0No linked articles in our index yet.