read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow
Memory Corruption
Fig2Dev
Fedora
Debian Linux
NVD
CVSS 3.1
5.5
EPSS
1.2%