{"id":"CVE-2019-14275","details":"Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.","modified":"2026-03-15T22:29:31.575742Z","published":"2019-07-26T04:15:11.603Z","related":["MGASA-2020-0116","SUSE-SU-2020:1806-1","SUSE-SU-2020:2951-1","SUSE-SU-2021:14823-1","SUSE-SU-2021:2454-1","openSUSE-SU-2020:1702-1","openSUSE-SU-2020:1843-1","openSUSE-SU-2021:1143-1","openSUSE-SU-2021:1311-1","openSUSE-SU-2021:1318-1","openSUSE-SU-2021:2454-1","openSUSE-SU-2024:11472-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00018.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00043.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00019.html"},{"type":"EVIDENCE","url":"https://sourceforge.net/p/mcj/tickets/52/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14275.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"3.2.7-a"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.2"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}