CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-23861

A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.9%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://github.com/LibreDWG/libredwg/issues/248
https://github.com/LibreDWG/libredwg/issues/248

Products affected by CVE-2020-23861

Gnu » Libredwg » Version: 0.10.1

cpe:2.3:a:gnu:libredwg:0.10.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-23861

Products

Pricing

Contact Us