Vulnerability Details CVE-2019-9774
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.3%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html
- http://www.securityfocus.com/bid/107447
- https://github.com/LibreDWG/libredwg/issues/99
- https://savannah.gnu.org/bugs/index.php?55893
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html
- http://www.securityfocus.com/bid/107447
- https://github.com/LibreDWG/libredwg/issues/99
- https://savannah.gnu.org/bugs/index.php?55893