Search CVE reports

Toggle filters

21 – 28 of 28 results

CVE-2020-21675

Medium priority

Some fixes available 2 of 8

A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.

1 affected package

fig2dev

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Needs evaluation Not affected Fixed Fixed Ignored
Show less packages

CVE-2021-3561

Low priority

Some fixes available 2 of 4

An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory...

2 affected packages

fig2dev, transfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Not affected Not affected Fixed Fixed Ignored
transfig Not in release Not in release Not in release Not in release Not affected
Show less packages

CVE-2019-19797

Low priority

Some fixes available 2 of 4

read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.

2 affected packages

fig2dev, transfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Not affected Fixed Fixed Not in release
transfig Not in release Not in release Not in release Not affected
Show less packages

CVE-2019-19746

Medium priority
Vulnerable

make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.

2 affected packages

fig2dev, transfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Not affected Not affected Vulnerable Needs evaluation Not in release
transfig Not in release Not in release Not in release Not in release Not affected
Show less packages

CVE-2019-19555

Negligible priority

Some fixes available 2 of 5

read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.

2 affected packages

fig2dev, transfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Not affected Not affected Fixed Fixed Not in release
transfig Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2019-14275

Negligible priority

Some fixes available 1 of 3

Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.

2 affected packages

fig2dev, transfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Not affected Not affected Not affected Fixed Not in release
transfig Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2018-16140

Medium priority

Some fixes available 2 of 4

A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.

2 affected packages

fig2dev, transfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Not affected Not affected Not affected Needs evaluation Not in release
transfig Not in release Not in release Not in release Not in release Fixed
Show less packages

CVE-2017-16899

Low priority
Ignored

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in...

2 affected packages

fig2dev, transfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Not affected Not in release
transfig Not in release Not affected
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. Next page
Export to JSON