CVE-2025-46398

Medium CVSS: 5.5

In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.

Vendor

Product

CWE

Yayın Tarihi

2025-04-23 21:15:16

Güncelleme

2026-01-08 04:15:53

Source Identifier

secalert@redhat.com

KEV Date Added

CWE-121 Fig2dev MEDIUM Fig2dev Project 2025

https://access.redhat.com/security/cve/CVE-2025-46398 https://bugzilla.redhat.com/show_bug.cgi?id=2362055 https://sourceforge.net/p/mcj/tickets/191/ https://lists.debian.org/debian-lts-announce/2025/04/msg00043.html

Medium

CVE-2025-46399

A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline fu…

Medium

CVE-2025-46400

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input…

High

CVE-2025-46397

A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spli…

Medium

CVE-2025-31162

Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation vi…

Medium

CVE-2025-31163

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_…

Medium

CVE-2025-31164

heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via c…