Описание
An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8.
The transfig package is susceptible to a NULL pointer dereference on crafted input. While translating fig code, patterns which include incomplete closed splines lead to this software flaw. The highest threat from this vulnerability is availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | transfig | Out of support scope | ||
| Red Hat Enterprise Linux 7 | transfig | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8.
An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8.
An issue was discovered in fig2dev before 3.2.8.. A NULL pointer deref ...
An issue was discovered in fig2dev through 20200520. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service.
Уязвимость функции compute_closed_spline() компонента trans_spline.c утилиты для преобразования файлов с расширением .fig Fig2dev, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.5 Medium
CVSS3