rpm package

suse/transfig&distro=SUSE Linux Enterprise Module for Package Hub 15 SP7

pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7

Vulnerabilities (7)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-46400	—	< 3.2.9a-150600.3.5.1	3.2.9a-150600.3.5.1	Apr 23, 2025	In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.
CVE-2025-46399	—	< 3.2.9a-150600.3.5.1	3.2.9a-150600.3.5.1	Apr 23, 2025	A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.
CVE-2025-46398	—	< 3.2.9a-150600.3.5.1	3.2.9a-150600.3.5.1	Apr 23, 2025	In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.
CVE-2025-46397	—	< 3.2.9a-150600.3.5.1	3.2.9a-150600.3.5.1	Apr 23, 2025	A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVE-2025-31162	—	< 3.2.9a-150600.3.5.1	3.2.9a-150600.3.5.1	Mar 28, 2025	Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function.
CVE-2025-31163	—	< 3.2.9a-150600.3.5.1	3.2.9a-150600.3.5.1	Mar 28, 2025	Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function.
CVE-2025-31164	—	< 3.2.9a-150600.3.5.1	3.2.9a-150600.3.5.1	Mar 28, 2025	heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline.

CVE-2025-46400Apr 23, 2025
affected < 3.2.9a-150600.3.5.1fixed 3.2.9a-150600.3.5.1
In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.
CVE-2025-46399Apr 23, 2025
affected < 3.2.9a-150600.3.5.1fixed 3.2.9a-150600.3.5.1
A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.
CVE-2025-46398Apr 23, 2025
affected < 3.2.9a-150600.3.5.1fixed 3.2.9a-150600.3.5.1
In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.
CVE-2025-46397Apr 23, 2025
affected < 3.2.9a-150600.3.5.1fixed 3.2.9a-150600.3.5.1
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVE-2025-31162Mar 28, 2025
affected < 3.2.9a-150600.3.5.1fixed 3.2.9a-150600.3.5.1
Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function.
CVE-2025-31163Mar 28, 2025
affected < 3.2.9a-150600.3.5.1fixed 3.2.9a-150600.3.5.1
Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function.
CVE-2025-31164Mar 28, 2025
affected < 3.2.9a-150600.3.5.1fixed 3.2.9a-150600.3.5.1
heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline.