Gnu: >> Libredwg >> 0.4.527 Security Vulnerabilities
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-12-27
dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-07-23
dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-07-20
get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV).
CVSS Score
6.5
EPSS Score
0.004
Published
2018-07-20
Page 3