Gnu: >> Libredwg Security Vulnerabilities
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-12-27
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
CVSS Score
7.5
EPSS Score
0.024
Published
2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
CVSS Score
7.5
EPSS Score
0.024
Published
2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
CVSS Score
7.5
EPSS Score
0.024
Published
2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
CVSS Score
7.5
EPSS Score
0.029
Published
2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
CVSS Score
7.5
EPSS Score
0.025
Published
2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
CVSS Score
7.5
EPSS Score
0.024
Published
2019-03-14