CVE-2023-45920

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-45920

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-45920.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-45920

Downstream

SUSE-SU-2024:1196-1

Related

Published

2024-03-27T05:15:47Z

Modified

2025-07-03T02:10:15.905223Z

Summary

[none]

Details

Xfig v3.2.8 was discovered to contain a NULL pointer dereference when calling XGetWMHints(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server or window manager.

References

Affected packages

Debian:11 / xfig

Package

Name: xfig
Purl: pkg:deb/debian/xfig?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*

1:3.2.8-3

1:3.2.8-3+deb11u1

1:3.2.8a-1

1:3.2.8b-1

1:3.2.8b-2

1:3.2.9-1

1:3.2.9-2

1:3.2.9-3

1:3.2.9-4

1:3.2.9a-1

1:3.2.9a-2

1:3.2.9a-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / xfig

Package

Name: xfig
Purl: pkg:deb/debian/xfig?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*

1:3.2.8b-2

1:3.2.9-1

1:3.2.9-2

1:3.2.9-3

1:3.2.9-4

1:3.2.9a-1

1:3.2.9a-2

1:3.2.9a-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / xfig

Package

Name: xfig
Purl: pkg:deb/debian/xfig?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.2.9-1

Affected versions

1:3.*

1:3.2.8b-2

Ecosystem specific

{
    "urgency": "unimportant"
}