PT-2025-17670 · Fig2Dev+3 · Fig2Dev+3

Liuchenyifan

·

Published

2025-02-11

·

Updated

2025-10-31

·

CVE-2025-46398

CVSS v2.0

6.2

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions fig2dev version 3.2.9a
Description The issue allows an attacker possible code execution via local input manipulation through the read objects function.
Recommendations For fig2dev version 3.2.9a, consider restricting access to the read objects function until a patch is available.

Exploit

Fix

Stack Overflow

Weakness Enumeration

CWE-121

Related Identifiers

BDU:2025-11850
CVE-2025-46398
DLA-4147-1
MGASA-2025-0253
OESA-2025-1509
OESA-2025-1510
OESA-2025-1947
OESA-2025-1948
OESA-2025-1949
OPENSUSE-SU-2025:15155-1
SUSE-SU-2025:01835-1
SUSE-SU-2025:01835-2
SUSE-SU-2025:01890-1

Affected Products

Astra Linux
Debian
Suse
Fig2Dev