Gnu: >> Libredwg >> 0.4.635 Security Vulnerabilities
An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-09-20
GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-07-17
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.
CVSS Score
8.1
EPSS Score
0.004
Published
2020-07-16
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-07-16
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
CVSS Score
8.8
EPSS Score
0.004
Published
2020-07-16
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.
CVSS Score
8.1
EPSS Score
0.004
Published
2020-07-16
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-07-16
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.
CVSS Score
8.1
EPSS Score
0.004
Published
2020-07-16
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-07-16
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27