CVE-2025-31163NULL Pointer Dereference in Fig2dev

CWE-476NULL Pointer Dereference7 documents6 sources
Severity
6.6MEDIUMNVD
EPSS
0.1%
top 67.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fig2dev Project Fig2devXfig Fig2dev
Timeline
PublishedMar 28
Latest updateJun 23

Description

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:HExploitability: 1.8 | Impact: 4.7

Affected Packages3 packages

Debianfig2dev_project/fig2dev< 1:3.2.8-3+deb11u2+3
CVEListV5xfig/fig2dev3.2.9a

🔴Vulnerability Details

4
OSV
fig2dev vulnerabilities2025-06-23
GHSA
GHSA-gphp-6r8r-qhcw: Segmentation fault in fig2dev in version 32025-03-28
OSV
CVE-2025-31163: Segmentation fault in fig2dev in version 32025-03-28
CVEList
fig2dev segmentation fault2025-03-28

📋Vendor Advisories

2
Ubuntu
Fig2dev vulnerabilities2025-06-23
Debian
CVE-2025-31163: fig2dev - Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availabili...2025
CVE-2025-31163 — NULL Pointer Dereference in Fig2dev | cvebase