Medium severity5.5NVD Advisory· Published Apr 23, 2025· Updated Jun 30, 2026
CVE-2025-46400
CVE-2025-46400
Description
In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15- osv-coords13 versionspkg:deb/ubuntu/fig2dev@1:3.2.6a-6ubuntu1.1?arch=source&distro=esm-apps/bionicpkg:deb/ubuntu/fig2dev@1:3.2.7a-7ubuntu0.1?arch=source&distro=focalpkg:deb/ubuntu/fig2dev@1:3.2.8b-1?arch=source&distro=jammypkg:deb/ubuntu/fig2dev@1:3.2.9-3build2?arch=source&distro=noblepkg:deb/ubuntu/fig2dev@1:3.2.9-4?arch=source&distro=oracularpkg:deb/ubuntu/fig2dev@1:3.2.9a-3?arch=source&distro=pluckypkg:rpm/opensuse/transfig&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/transfig&distro=openSUSE%20Tumbleweedpkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7
>= 0+ 12 more
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: < 3.2.9a-150600.3.5.1
- (no CPE)range: < 3.2.9a-3.1
- (no CPE)range: < 3.2.9a-150600.3.5.1
- (no CPE)range: < 3.2.9a-150600.3.5.1
- (no CPE)range: < 3.2.8b-2.26.1
- (no CPE)range: < 3.2.9a-150600.3.5.1
- (no CPE)range: < 3.2.9a-150600.3.5.1
Patches
Vulnerability mechanics
References
4- sourceforge.net/p/mcj/tickets/187/nvdExploitIssue Tracking
- access.redhat.com/security/cve/CVE-2025-46400nvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdVendor Advisory
- lists.debian.org/debian-lts-announce/2025/04/msg00043.htmlnvd
News mentions
0No linked articles in our index yet.