CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-37530
https://notcve.org/view.php?id=CVE-2021-37530
12 Jan 2022 — A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c. Se presenta una vulnerabilidad de denegación de servicio en fig2dev versiones hasta 3.28a, debido a un fallo de seguridad en la función open_stream del archivo readpics.c • https://sourceforge.net/p/mcj/tickets/126 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-37529
https://notcve.org/view.php?id=CVE-2021-37529
12 Jan 2022 — A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent). Se presenta una vulnerabilidad de doble liberación en fig2dev versiones hasta 3.28a, está afectada por: por medio de la función free_stream en el archivo readpics.c, que podría causar una denegación de servicio (dependiente del contexto) • https://sourceforge.net/p/mcj/tickets/125 • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-32280 – Ubuntu Security Notice USN-5864-1
https://notcve.org/view.php?id=CVE-2021-32280
20 Sep 2021 — An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8. Se ha detectado un problema en fig2dev antes de la versión 3.2.8.. • https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-21535 – Ubuntu Security Notice USN-5864-1
https://notcve.org/view.php?id=CVE-2020-21535
16 Sep 2021 — fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. fig2dev versión 3.2.7b, contiene un fallo de segmentación en la función gencgm_start del archivo gencgm.c Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered ... • https://cwe.mitre.org/data/definitions/125.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-21534 – Ubuntu Security Notice USN-5864-1
https://notcve.org/view.php?id=CVE-2020-21534
16 Sep 2021 — fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. fig2dev versión 3.2.7b, contiene un desbordamiento del buffer global en la función get_line en el archivo read.c Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discov... • https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-21533
https://notcve.org/view.php?id=CVE-2020-21533
16 Sep 2021 — fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c. fig2dev versión 3.2.7b, contiene un desbordamiento del buffer de la pila en la función read_textobject en el archivo read.c • https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-21530 – Ubuntu Security Notice USN-5864-1
https://notcve.org/view.php?id=CVE-2020-21530
16 Sep 2021 — fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. fig2dev versión 3.2.7b, contiene un fallo de segmentación en la función read_objects del archivo read.c Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that... • https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-21529
https://notcve.org/view.php?id=CVE-2020-21529
16 Sep 2021 — fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c. fig2dev versión 3.2.7b, contiene un desbordamiento del búfer de la pila en la función bezier_spline en el archivo genepic.c • https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-21531 – Ubuntu Security Notice USN-5864-1
https://notcve.org/view.php?id=CVE-2020-21531
16 Sep 2021 — fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c. fig2dev versión 3.2.7b, contiene un desbordamiento global de la memoria intermedia en la función conv_pattern_index del archivo gencgm.c Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affe... • https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-21532
https://notcve.org/view.php?id=CVE-2020-21532
16 Sep 2021 — fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. fig2dev versión 3.2.7b, contiene un desbordamiento del buffer global en la función setfigfont en el archivo genepic.c • https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •