Fig2devproject Fig2dev
By the Year
In 2024 there have been 0 vulnerabilities in Fig2devproject Fig2dev . Fig2dev did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 5.50 |
| 2021 | 9 | 5.68 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 5.50 |
| 2018 | 1 | 7.80 |
It may take a day or so for new Fig2dev vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Fig2devproject Fig2dev Security Vulnerabilities
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
CVE-2021-37530
5.5 - Medium
- January 12, 2022
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
Memory Corruption
A double-free vulnerability exists in fig2dev through 3.28a is affected by:
CVE-2021-37529
5.5 - Medium
- January 12, 2022
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
Double-free
A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b
CVE-2020-21675
5.5 - Medium
- August 10, 2021
A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.
Memory Corruption
A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b
CVE-2020-21684
5.5 - Medium
- August 10, 2021
A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.
Classic Buffer Overflow
A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b
CVE-2020-21683
5.5 - Medium
- August 10, 2021
A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
Classic Buffer Overflow
A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b
CVE-2020-21682
5.5 - Medium
- August 10, 2021
A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
Classic Buffer Overflow
A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b
CVE-2020-21681
5.5 - Medium
- August 10, 2021
A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
Classic Buffer Overflow
A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b
CVE-2020-21680
5.5 - Medium
- August 10, 2021
A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.
Memory Corruption
A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b
CVE-2020-21678
5.5 - Medium
- August 10, 2021
A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format.
Classic Buffer Overflow
A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b
CVE-2020-21676
5.5 - Medium
- August 10, 2021
A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
Memory Corruption
An Out of Bounds flaw was found fig2dev version 3.2.8a
CVE-2021-3561
7.1 - High
- May 26, 2021
An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.
Buffer Overflow
make_arrow in arrow.c in Xfig fig2dev 3.2.7b
CVE-2019-19746
5.5 - Medium
- December 12, 2019
make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
Memory Corruption
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a
CVE-2018-16140
7.8 - High
- August 30, 2018
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Fig2devproject? Click the Watch button to subscribe.
