Xfig Project Security Vulnerabilities

CVE-2019-19797

read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds...

CVE-2021-40241

xfig 3.2.7 is vulnerable to Buffer...

CVE-2019-14275

Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in...

CVE-2021-32280

An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is...

CVE-2020-21531

fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in...

CVE-2020-21532

fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in...

CVE-2020-21529

fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in...

CVE-2020-21535

fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in...

CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and...

CVE-2020-21533

fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in...

CVE-2020-21534

fig2dev 3.2.7b contains a global buffer overflow in the get_line function in...

CVE-2020-21530

fig2dev 3.2.7b contains a segmentation fault in the read_objects function in...

CVE-2019-19555

read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect...