Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2025-46397

7.1 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): NONE

created 11 months, 3 weeks ago

fig2dev stack-overflow

Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function.

References

https://sourceforge.net/p/mcj/tickets/192/
https://access.redhat.com/security/cve/CVE-2025-46397 vdb-entryx_refsource_REDHAT
RHBZ#2362058 issue-trackingx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/04/msg00043.html
RHSA-2026:0700 vendor-advisoryx_refsource_REDHAT
RHSA-2026:0704 vendor-advisoryx_refsource_REDHAT
RHSA-2026:0705 vendor-advisoryx_refsource_REDHAT
RHSA-2026:0756 vendor-advisoryx_refsource_REDHAT

Affected products

xfig

=<3.2.9a

fig2dev

==3.2.9a

transfig

*

Matching in nixpkgs

pkgs.fig2dev

Tool to convert Xfig files to other formats

nixos-unstable 3.2.9
- nixpkgs-unstable 3.2.9
- nixos-unstable-small 3.2.9

Package maintainers

@LeSuisse Thomas Gerbet <thomas@gerbet.me>