CVE-2025-31163

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function.

CVSS v3 6.6 MEDIUM

6.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://sourceforge.net/p/mcj/tickets/186/	Exploit Issue Tracking
https://lists.debian.org/debian-lts-announce/2025/04/msg00030.html

Configurations

Configuration 1 (hide)

cpe:2.3:a:fig2dev_project:fig2dev:3.2.9a:*:*:*:*:*:*:*

History

03 Nov 2025, 20:18

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/04/msg00030.html -

Information

Published : 2025-03-28 18:15

Updated : 2025-11-03 20:18

NVD link : CVE-2025-31163

Mitre link : CVE-2025-31163

CVE.ORG link : CVE-2025-31163

JSON object : View

Products Affected

fig2dev_project

fig2dev

CWE

CWE-476

NULL Pointer Dereference

6.6 /10