Lucene search
+L
Xfig ProjectXfig

4 matches found

CVE
CVE
added 2019/12/04 4:19 p.m.161 views

CVE-2019-19555

CVE-2019-19555 : In Xfig fig2dev 3.2.7b, read_textobject in read.c suffers a stack-based buffer overflow caused by an incorrect sscanf. Public sources (Ubuntu, SUSE, Red Hat advisories) reference this CVE among multiple Fig2dev issues; exploitation details are not provided in the documents. Some ...

5.5CVSS6.1AI score0.01069EPSS
CVE
CVE
added 2022/10/31 12:0 a.m.71 views

CVE-2021-40241

CVE-2021-40241 affects xfig 3.2.7, with a potential buffer overflow in src/w_help.c at line 55 due to getenv("LANG"). Debain/Mageia advisories document the vulnerability and provide a fixed package version: Debian 10 uses xfig 1:3.2.7a-3+deb10u1; Mageia/OSV entries reference a security update. Th...

9.8CVSS9.2AI score0.00976EPSS
CVE
CVE
added 2024/03/27 12:0 a.m.66 views

CVE-2023-45920

Xfig v3.2.8 contains a NULL pointer dereference in XGetWMHints(), CVE-2023-45920. Multiple connected advisories confirm the issue and note that its remediation has been released: Mageia (MGASA-2024-0125), SUSE (SUSE-SU-2024:1196-1), and OSV entries indicate fixes. Descriptions consistently state ...

4.2CVSS7.1AI score0.00235EPSS
CVE
CVE
added 2017/11/20 6:0 p.m.62 views

CVE-2017-16899

CVE-2017-16899 affects the Xfig figure conversion tool (fig2dev) in the fig2dev program, with an array index error related to a negative font value in dev/gentikz.c and in the read_textobject routines (read.c and read1_3.c). The vulnerability can allow remote attackers to cause a denial-of-servic...

7.1CVSS6.5AI score0.0135EPSS