Fig2dev Security Vulnerabilities and Issues — Fig2dev CVE List

Lucene search

Fig2dev ProjectFig2dev

13 matches found

CVE•added 2019/12/12 3:15 a.m.•220 views

CVE-2019-19746

make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.

5.5CVSS5.6AI score0.00358EPSS

CVE•added 2021/05/26 10:15 p.m.•174 views

CVE-2021-3561

An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity a...

7.1CVSS6.5AI score0.00148EPSS

CVE•added 2018/08/30 1:29 a.m.•129 views

CVE-2018-16140

A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.

7.8CVSS5.9AI score0.00335EPSS

CVE•added 2021/08/10 9:15 p.m.•97 views

CVE-2020-21683

A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

5.5CVSS5.6AI score0.00121EPSS

CVE•added 2021/08/10 9:15 p.m.•92 views

CVE-2020-21682

A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

5.5CVSS5.6AI score0.00108EPSS

CVE•added 2021/08/10 9:15 p.m.•88 views

CVE-2020-21680

A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.

5.5CVSS5.6AI score0.00268EPSS

CVE•added 2021/08/10 9:15 p.m.•86 views

CVE-2020-21681

A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

5.5CVSS5.6AI score0.00136EPSS

CVE•added 2021/08/10 9:15 p.m.•69 views

CVE-2020-21684

A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.

5.5CVSS5.5AI score0.00136EPSS

CVE•added 2021/08/10 9:15 p.m.•68 views

CVE-2020-21676

A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

5.5CVSS5.6AI score0.0012EPSS

CVE•added 2021/08/10 9:15 p.m.•65 views

CVE-2020-21675

A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.

5.5CVSS5.9AI score0.0011EPSS

CVE•added 2022/01/12 9:15 p.m.•56 views

CVE-2021-37530

A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.

5.5CVSS5.3AI score0.00389EPSS

CVE•added 2022/01/12 9:15 p.m.•54 views

CVE-2021-37529

A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).

5.5CVSS5.4AI score0.00389EPSS

CVE•added 2021/08/10 9:15 p.m.•50 views

CVE-2020-21678

A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format.

5.5CVSS5.5AI score0.00136EPSS