DEBIAN-CVE-2023-45920

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2023-45920

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45920.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-45920

Upstream

CVE-2023-45920

Published

2024-03-27T05:15:47.140Z

Modified

2026-03-17T02:49:01.600046Z

Severity

4.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Xfig v3.2.8 was discovered to contain a NULL pointer dereference when calling XGetWMHints(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server or window manager.

References

https://security-tracker.debian.org/tracker/CVE-2023-45920

Affected packages

Debian:11 / xfig

Package

Name: xfig
Purl: pkg:deb/debian/xfig?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*

1:3.2.8-3

1:3.2.8-3+deb11u1

1:3.2.8a-1

1:3.2.8b-1

1:3.2.8b-2

1:3.2.9-1

1:3.2.9-2

1:3.2.9-3

1:3.2.9-4

1:3.2.9a-1

1:3.2.9a-2

1:3.2.9a-3

1:3.2.9a-4

1:3.2.9a-5

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45920.json"

Debian:12 / xfig

Package

Name: xfig
Purl: pkg:deb/debian/xfig?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*

1:3.2.8b-2

1:3.2.9-1

1:3.2.9-2

1:3.2.9-3

1:3.2.9-4

1:3.2.9a-1

1:3.2.9a-2

1:3.2.9a-3

1:3.2.9a-4

1:3.2.9a-5

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45920.json"

Debian:13 / xfig

Package

Name: xfig
Purl: pkg:deb/debian/xfig?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.2.9-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45920.json"

Debian:14 / xfig

Package

Name: xfig
Purl: pkg:deb/debian/xfig?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.2.9-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45920.json"