rpm package
suse/transfig&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Vulnerabilities (17)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-32280 | — | < 3.2.8b-160.16.2 | 3.2.8b-160.16.2 | Sep 20, 2021 | An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8. | ||
| CVE-2020-21535 | — | < 3.2.8b-160.16.2 | 3.2.8b-160.16.2 | Sep 16, 2021 | fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. | ||
| CVE-2020-21534 | — | < 3.2.8b-160.16.2 | 3.2.8b-160.16.2 | Sep 16, 2021 | fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. | ||
| CVE-2020-21533 | — | < 3.2.8b-160.16.2 | 3.2.8b-160.16.2 | Sep 16, 2021 | fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c. | ||
| CVE-2020-21530 | — | < 3.2.8b-160.16.2 | 3.2.8b-160.16.2 | Sep 16, 2021 | fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. | ||
| CVE-2020-21532 | — | < 3.2.8b-160.16.2 | 3.2.8b-160.16.2 | Sep 16, 2021 | fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. | ||
| CVE-2020-21531 | — | < 3.2.8b-160.16.2 | 3.2.8b-160.16.2 | Sep 16, 2021 | fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c. | ||
| CVE-2020-21529 | — | < 3.2.8b-160.16.2 | 3.2.8b-160.16.2 | Sep 16, 2021 | fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c. | ||
| CVE-2020-21681 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | Aug 10, 2021 | A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. | ||
| CVE-2020-21680 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | Aug 10, 2021 | A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format. | ||
| CVE-2020-21682 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | Aug 10, 2021 | A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. | ||
| CVE-2020-21683 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | Aug 10, 2021 | A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. | ||
| CVE-2021-3561 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | May 26, 2021 | An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerabilit | ||
| CVE-2019-19797 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | Dec 15, 2019 | read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. | ||
| CVE-2019-19746 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | Dec 12, 2019 | make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. | ||
| CVE-2019-19555 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | Dec 4, 2019 | read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. | ||
| CVE-2019-14275 | — | < 3.2.8a-1.160.13.1 | 3.2.8a-1.160.13.1 | Jul 26, 2019 | Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. |
- CVE-2021-32280Sep 20, 2021affected < 3.2.8b-160.16.2fixed 3.2.8b-160.16.2
An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8.
- CVE-2020-21535Sep 16, 2021affected < 3.2.8b-160.16.2fixed 3.2.8b-160.16.2
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
- CVE-2020-21534Sep 16, 2021affected < 3.2.8b-160.16.2fixed 3.2.8b-160.16.2
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.
- CVE-2020-21533Sep 16, 2021affected < 3.2.8b-160.16.2fixed 3.2.8b-160.16.2
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
- CVE-2020-21530Sep 16, 2021affected < 3.2.8b-160.16.2fixed 3.2.8b-160.16.2
fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.
- CVE-2020-21532Sep 16, 2021affected < 3.2.8b-160.16.2fixed 3.2.8b-160.16.2
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.
- CVE-2020-21531Sep 16, 2021affected < 3.2.8b-160.16.2fixed 3.2.8b-160.16.2
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.
- CVE-2020-21529Sep 16, 2021affected < 3.2.8b-160.16.2fixed 3.2.8b-160.16.2
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
- CVE-2020-21681Aug 10, 2021affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
- CVE-2020-21680Aug 10, 2021affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.
- CVE-2020-21682Aug 10, 2021affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
- CVE-2020-21683Aug 10, 2021affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
- CVE-2021-3561May 26, 2021affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerabilit
- CVE-2019-19797Dec 15, 2019affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
- CVE-2019-19746Dec 12, 2019affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
- CVE-2019-19555Dec 4, 2019affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
- CVE-2019-14275Jul 26, 2019affected < 3.2.8a-1.160.13.1fixed 3.2.8a-1.160.13.1
Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.