Xfig
by Mcj
CVEs (17)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-46399 | 0.00 | — | 0.00 | Apr 23, 2025 | A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function. | |||
| CVE-2025-46397 | 0.00 | — | 0.00 | Apr 23, 2025 | A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function. | |||
| CVE-2025-31162 | 0.00 | — | 0.00 | Mar 28, 2025 | Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function. | |||
| CVE-2025-31163 | 0.00 | — | 0.00 | Mar 28, 2025 | Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function. | |||
| CVE-2025-31164 | 0.00 | — | 0.00 | Mar 28, 2025 | heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline. | |||
| CVE-2023-45920 | 0.00 | — | 0.00 | Mar 27, 2024 | Xfig v3.2.8 was discovered to contain a NULL pointer dereference when calling XGetWMHints(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server or window manager. | |||
| CVE-2020-21535 | 0.00 | — | 0.01 | Sep 16, 2021 | fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. | |||
| CVE-2020-21530 | 0.00 | — | 0.00 | Sep 16, 2021 | fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. | |||
| CVE-2020-21529 | 0.00 | — | 0.00 | Sep 16, 2021 | fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c. | |||
| CVE-2020-21531 | 0.00 | — | 0.01 | Sep 16, 2021 | fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c. | |||
| CVE-2020-21675 | 0.00 | — | 0.01 | Aug 10, 2021 | A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format. | |||
| CVE-2020-21681 | 0.00 | — | 0.00 | Aug 10, 2021 | A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. | |||
| CVE-2021-3561 | 0.00 | — | 0.00 | May 26, 2021 | An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this… | |||
| CVE-2019-19797 | 0.00 | — | 0.00 | Dec 15, 2019 | read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. | |||
| CVE-2019-19746 | 0.00 | — | 0.00 | Dec 12, 2019 | make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. | |||
| CVE-2019-19555 | 0.00 | — | 0.00 | Dec 4, 2019 | read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. | |||
| CVE-2018-16140 | 0.00 | — | 0.00 | Aug 30, 2018 | A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file. |
- CVE-2025-46399Apr 23, 2025risk 0.00cvss —epss 0.00
A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.
- CVE-2025-46397Apr 23, 2025risk 0.00cvss —epss 0.00
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
- CVE-2025-31162Mar 28, 2025risk 0.00cvss —epss 0.00
Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function.
- CVE-2025-31163Mar 28, 2025risk 0.00cvss —epss 0.00
Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function.
- CVE-2025-31164Mar 28, 2025risk 0.00cvss —epss 0.00
heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline.
- CVE-2023-45920Mar 27, 2024risk 0.00cvss —epss 0.00
Xfig v3.2.8 was discovered to contain a NULL pointer dereference when calling XGetWMHints(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server or window manager.
- CVE-2020-21535Sep 16, 2021risk 0.00cvss —epss 0.01
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
- CVE-2020-21530Sep 16, 2021risk 0.00cvss —epss 0.00
fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.
- CVE-2020-21529Sep 16, 2021risk 0.00cvss —epss 0.00
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
- CVE-2020-21531Sep 16, 2021risk 0.00cvss —epss 0.01
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.
- CVE-2020-21675Aug 10, 2021risk 0.00cvss —epss 0.01
A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.
- CVE-2020-21681Aug 10, 2021risk 0.00cvss —epss 0.00
A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
- CVE-2021-3561May 26, 2021risk 0.00cvss —epss 0.00
An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this…
- CVE-2019-19797Dec 15, 2019risk 0.00cvss —epss 0.00
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
- CVE-2019-19746Dec 12, 2019risk 0.00cvss —epss 0.00
make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
- CVE-2019-19555Dec 4, 2019risk 0.00cvss —epss 0.00
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
- CVE-2018-16140Aug 30, 2018risk 0.00cvss —epss 0.00
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.