{"id":"CVE-2021-3561","details":"An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.","modified":"2026-03-15T14:41:49.611774Z","published":"2021-05-26T22:15:08.317Z","related":["MGASA-2021-0379","SUSE-SU-2021:14823-1","SUSE-SU-2021:2454-1","SUSE-SU-2021:3124-1","openSUSE-SU-2021:1143-1","openSUSE-SU-2021:1311-1","openSUSE-SU-2021:1318-1","openSUSE-SU-2021:2454-1","openSUSE-SU-2024:11472-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C44WSY5KAQXC3Y2NMSVXXZS3M5U5U2E6/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKMOIQX6GULVSYXLYW5JQY6KJNTWV3E4/"},{"type":"FIX","url":"https://sourceforge.net/p/mcj/fig2dev/ci/6827c09d2d6491cb2ae3ac7196439ff3aa791fd9/"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1955675"},{"type":"EVIDENCE","url":"https://sourceforge.net/p/mcj/tickets/116/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3561.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"3.2.8-a"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}]}