Fig2dev Heap-Buffer Overflow Vulnerability Allowing Local Denial-of-Service

Vulnerability

A heap-buffer overflow vulnerability has been identified in Fig2dev version 3.2.9a. This vulnerability allows an attacker to cause a denial-of-service condition by manipulating local input, specifically through the 'create_line_with_spline' function.

Impact

Exploitation of this vulnerability leads to a heap-buffer overflow, which can commonly be exploited to execute arbitrary code or cause a denial-of-service condition by crashing the application.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fig2dev Heap-Buffer Overflow Vulnerability Allowing Local Denial-of-Service

Vulnerability

Impact

Affected Products

fig2dev

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating