cbcvebase.
CVE-2020-21675
published 2021-08-10

CVE-2020-21675: A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a…

medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.

Affected

9 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debianfig2dev< fig2dev 1:3.2.7b-3 (bookworm)fig2dev 1:3.2.7b-3 (bookworm)
fig2dev_projectfig2dev
fig2dev_projectfig2dev>= 0 < 1:3.2.7b-31:3.2.7b-3
fig2dev_projectfig2dev>= 0 < 1:3.2.7b-31:3.2.7b-3
fig2dev_projectfig2dev>= 0 < 1:3.2.7b-31:3.2.7b-3
fig2dev_projectfig2dev>= 0 < 1:3.2.7b-31:3.2.7b-3
fig2dev_projectfig2dev>= 0 < 1:3.2.6a-6ubuntu1.11:3.2.6a-6ubuntu1.1
fig2dev_projectfig2dev>= 0 < 1:3.2.7a-7ubuntu0.11:3.2.7a-7ubuntu0.1

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv5.5MEDIUM