An issue exists in fig2dev prior to 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an malicious user to cause Denial of Service. The fixed version of fig2dev is 3.2.8.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xfig project fig2dev |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |