fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
After analysis of this flaw, all versions of RHEL 8 are affected. RHEL 9 remains unaffected as the patch to fix this flaw was applied and introduced in RHEL 9. The patch applied is: https://sourceforge.net/p/mcj/fig2dev/ci/41b9bb838a3d544539f6e68aa4f87d70ef7d45ce/. This flaw was caused by the use of fgets which led to a buffer overflow and segmentation fault in read_objects when a specially crafted file was used as input to the program.