Astra Linux – Vulnerability in fig2dev

In the xfig diagramming tool, a stack-overflow issue occurs during the execution of fig2dev, leading to memory corruption due to local input manipulation through the readobjects function...

OESA-2025-1948 transfig security update

The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Security Fixes: ...

TencentOS Server 4: transfig (TSSA-2025:0488)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0488 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

SUSE CVE-2025-46398

In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via readobjects function...

CVE-2025-46398

In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via readobjects function...

CVE-2025-46397

A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezierspline function...

UBUNTU-CVE-2019-19746

makearrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type...