Appears this is vulnerable to several of the same vulnerabilities as xfig was in bug 718806 (details on these vulnerabilities there). I couldn't reproduce CVE-2018-11439, so not sure if this is vulnerable to it too.
Package list is empty or all packages have requested keywords.
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
All fixed in 3.8.8.
(In reply to John Helmert III from comment #6)
> All fixed in 3.8.8.
Whoops, meant 3.2.8. We have another with the same fixed version:
An issue was discovered in fig2dev through 20200520. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service.
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.