
Debian Fig2Dev vulnerabilities

32 known vulnerabilities affecting debian/fig2dev.

Total CVEs: 32
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 19, LOW 10

Vulnerabilities

Page 1 of 2
CVE-2025-46397 | HIGH | CVSS 7.8 | fixed in fig2dev 1:3.2.8b-3+deb12u2 (bookworm) | 2025
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function. Scope: local. bookworm: resolved (fixed in 1:3.2.8b-3+deb12u2); bullseye: resolved (fixed in 1:3.2.8-3+deb11u3); forky: resolved (fixed in 1:3.2.9a-4); sid: resolved (fixed in 1:3.2.9a-4); trixie: resolved (fixed in 1:3.2.9a-4)
debian
CVE-2025-46400 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8b-3+deb12u2 (bookworm) | 2025
In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to impact availability via local input manipulation via read_arcobject function. Scope: local. bookworm: resolved (fixed in 1:3.2.8b-3+deb12u2); bullseye: resolved (fixed in 1:3.2.8-3+deb11u3); forky: resolved (fixed in 1:3.2.9a-3); sid: resolved (fixed in 1:3.2.9a-3); trixie: resolved (fi
CVE-2025-31162 | MEDIUM | CVSS 6.6 | fixed in fig2dev 1:3.2.8b-3+deb12u1 (bookworm) | 2025
Floating point exception in fig2dev in version 3.2.9a allows an attacker to impact availability via local input manipulation via get_slope function. Scope: local. bookworm: resolved (fixed in 1:3.2.8b-3+deb12u1); bullseye: resolved (fixed in 1:3.2.8-3+deb11u2); forky: resolved (fixed in 1:3.2.9a-2); sid: resolved (fixed in 1:3.2.9a-2); trixie: resolved (fixed in 1:3.2.9a-2)
CVE-2025-31163 | MEDIUM | CVSS 6.6 | fixed in fig2dev 1:3.2.8b-3+deb12u1 (bookworm) | 2025
Segmentation fault in fig2dev in version 3.2.9a allows an attacker to impact availability via local input manipulation via put_patternarc function. Scope: local. bookworm: resolved (fixed in 1:3.2.8b-3+deb12u1); bullseye: resolved (fixed in 1:3.2.8-3+deb11u2); forky: resolved (fixed in 1:3.2.9a-2); sid: resolved (fixed in 1:3.2.9a-2); trixie: resolved (fixed in 1:3.2.9a-2)
CVE-2025-46398 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8b-3+deb12u2 (bookworm) | 2025
In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function. Scope: local. bookworm: resolved (fixed in 1:3.2.8b-3+deb12u2); bullseye: resolved (fixed in 1:3.2.8-3+deb11u3); forky: resolved (fixed in 1:3.2.9a-4); sid: resolved (fixed in 1:3.2.9a-4); trixie: resolved (fixed in 1:3.2.9a-
CVE-2025-31164 | MEDIUM | CVSS 6.6 | fixed in fig2dev 1:3.2.8b-3+deb12u1 (bookworm) | 2025
Heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to impact availability via local input manipulation via create_line_with_spline. Scope: local. bookworm: resolved (fixed in 1:3.2.8b-3+deb12u1); bullseye: resolved (fixed in 1:3.2.8-3+deb11u2); forky: resolved (fixed in 1:3.2.9a-2); sid: resolved (fixed in 1:3.2.9a-2); trixie: resolved (fixed in 1:3.2.9a-2)
CVE-2025-46399 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8b-3+deb12u2 (bookworm) | 2025
A flaw was found in fig2dev. This vulnerability allows an impact on availability via local input manipulation via genge_itp_spline function. Scope: local. bookworm: resolved (fixed in 1:3.2.8b-3+deb12u2); bullseye: resolved (fixed in 1:3.2.8-3+deb11u3); forky: resolved (fixed in 1:3.2.9a-4); sid: resolved (fixed in 1:3.2.9a-4); trixie: resolved (fixed in 1:3.2.9a-4)
CVE-2021-3561 | HIGH | CVSS 7.1 | fixed in fig2dev 1:3.2.8-3 (bookworm) | 2021
An Out of Bounds flaw was found in fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. Scope: local. bookworm: resolved (fixed i
CVE-2021-32280 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-5 (bookworm) | 2021
An issue was discovered in fig2dev before 3.2.8. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8. Scope: local. bookworm: resolved (fixed in 1:3.2.7b-5); bullseye: resolved (fixed in 1:3.2.7b-5); forky: resolved (fixed in 1:3.2
CVE-2021-37530 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8b-1 (bookworm) | 2021
A denial of service vulnerability exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c. Scope: local. bookworm: resolved (fixed in 1:3.2.8b-1); bullseye: resolved (fixed in 1:3.2.8-3+deb11u1); forky: resolved (fixed in 1:3.2.8b-1); sid: resolved (fixed in 1:3.2.8b-1); trixie: resolved (fixed in 1:3.2.8b-1)
CVE-2021-37529 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8b-1 (bookworm) | 2021
A double-free vulnerability exists in fig2dev through 3.28a via the free_stream function in readpics.c, which could cause a denial of service (context-dependent). Scope: local. bookworm: resolved (fixed in 1:3.2.8b-1); bullseye: resolved (fixed in 1:3.2.8-3+deb11u1); forky: resolved (fixed in 1:3.2.8b-1); sid: resolved (fixed in 1:3.2.8b-1); trixie: res
CVE-2020-21676 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DoS) via converting an xfig file into pstricks format. Scope: local. bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); tr
CVE-2020-21529 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c. Scope: local. bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); trixie: resolved (fixed in 1:3.2.8-1)
CVE-2020-21532 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. Scope: local. bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); trixie: resolved (fixed in 1:3.2.8-1)
CVE-2020-21534 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-3 (bookworm) | 2020
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. Scope: local. bookworm: resolved (fixed in 1:3.2.7b-3); bullseye: resolved (fixed in 1:3.2.7b-3); forky: resolved (fixed in 1:3.2.7b-3); sid: resolved (fixed in 1:3.2.7b-3); trixie: resolved (fixed in 1:3.2.7b-3)
CVE-2020-21535 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-3 (bookworm) | 2020
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. Scope: local. bookworm: resolved (fixed in 1:3.2.7b-3); bullseye: resolved (fixed in 1:3.2.7b-3); forky: resolved (fixed in 1:3.2.7b-3); sid: resolved (fixed in 1:3.2.7b-3); trixie: resolved (fixed in 1:3.2.7b-3)
CVE-2020-21531 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c. Scope: local. bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); trixie: resolved (fixed in 1:3.2.8-1)
CVE-2020-21530 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-3 (bookworm) | 2020
fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. Scope: local. bookworm: resolved (fixed in 1:3.2.7b-3); bullseye: resolved (fixed in 1:3.2.7b-3); forky: resolved (fixed in 1:3.2.7b-3); sid: resolved (fixed in 1:3.2.7b-3); trixie: resolved (fixed in 1:3.2.7b-3)
CVE-2020-21533 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-3 (bookworm) | 2020
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c. Scope: local. bookworm: resolved (fixed in 1:3.2.7b-3); bullseye: resolved (fixed in 1:3.2.7b-3); forky: resolved (fixed in 1:3.2.7b-3); sid: resolved (fixed in 1:3.2.7b-3); trixie: resolved (fixed in 1:3.2.7b-3)
CVE-2020-21675 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-3 (bookworm) | 2020
A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DoS) via converting an xfig file into ptk format. Scope: local. bookworm: resolved (fixed in 1:3.2.7b-3); bullseye: resolved (fixed in 1:3.2.7b-3); forky: resolved (fixed in 1:3.2.7b-3); sid: resolved (fixed in 1:3.2.7b-3); trixie: reso