Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Details of issue NIXPKGS-2025-0014

NIXPKGS-2025-0014

published on

Permalink CVE-2025-31162

6.6 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): HIGH

updated 6 months, 3 weeks ago by @Erethon Activity log

Created automatic suggestion 1 year ago
@LeSuisse accepted 1 year ago
@mweinelt dismissed 11 months ago
@mweinelt accepted 11 months ago
@Erethon published on GitHub 6 months, 3 weeks ago

fig2dev float point exception

Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function.

References

Affected products

fig2dev

==3.2.9a

Matching in nixpkgs

pkgs.fig2dev

Tool to convert Xfig files to other formats

nixos-unstable 3.2.9
- nixpkgs-unstable 3.2.9
- nixos-unstable-small 3.2.9

Package maintainers

@LeSuisse Thomas Gerbet <thomas@gerbet.me>