Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fig2dev
(Fig2dev_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-05-26 | CVE-2021-3561 | An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. | Debian_linux, Fedora, Fig2dev | 7.1 | ||
| 2021-08-10 | CVE-2020-21675 | A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format. | Debian_linux, Fig2dev | 5.5 | ||
| 2021-08-10 | CVE-2020-21676 | A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. | Debian_linux, Fig2dev | 5.5 | ||
| 2021-08-10 | CVE-2020-21678 | A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format. | Fig2dev | 5.5 | ||
| 2021-08-10 | CVE-2020-21680 | A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format. | Fig2dev | 5.5 | ||
| 2021-08-10 | CVE-2020-21681 | A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. | Fig2dev | 5.5 | ||
| 2021-08-10 | CVE-2020-21682 | A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. | Fig2dev | 5.5 | ||
| 2021-08-10 | CVE-2020-21683 | A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. | Fig2dev | 5.5 | ||
| 2021-08-10 | CVE-2020-21684 | A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format. | Fig2dev | 5.5 | ||
| 2022-01-12 | CVE-2021-37529 | A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent). | Debian_linux, Fig2dev | 5.5 |