Gregory Duck

**Name of the Vulnerable Software and Affected Versions** Xfig version 3.2.8 **Description** A NULL pointer dereference issue was discovered when calling the `XGetWMHints()` function. This issue is disputed as it is not expected for an X application to continue running with arbitrary anomalous behavior from the X server or window manager. **Recommendations** For Xfig version 3.2.8, consider updating to a newer version that addresses this issue, as the current version contains a disputed NULL pointer dereference. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qt versions 6 through 6.6 **Description** A NULL pointer dereference was discovered via the function `QXcbConnection::initializeAllAtoms()`. This issue is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server. **Recommendations** For Qt versions 6 through 6.6, consider disabling the `QXcbConnection::initializeAllAtoms()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.