transfig (SUSE:Linux Enterprise Module for Package Hub 15 SP7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Package Hub 15 SP7 package transfig, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2025-46397 — CVSS 7.8 (high): A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVE-2025-31163 — CVSS 6.6 (medium): Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function.
CVE-2025-31164 — CVSS 6.6 (medium): heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via…
CVE-2025-31162 — CVSS 6.6 (medium): Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope…
CVE-2025-46398 — CVSS 5.5 (medium): In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects…
CVE-2025-46399 — CVSS 5.5 (medium): A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.
CVE-2025-46400 — CVSS 5.5 (medium): In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via…