Lucene search

Libredwg Security Vulnerabilities - CVSS Score 9 - 10

cve

CVE-2019-20914

An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.

9.8CVSS

9.2AI Score

0.004EPSS

2020-07-16 06:15 PM

cve

CVE-2019-9774

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.

9.1CVSS

9AI Score

0.011EPSS

2019-03-14 09:29 AM

cve

CVE-2019-9775

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.

9.1CVSS

9AI Score

0.011EPSS

2019-03-14 09:29 AM

106

cve

CVE-2021-28237

LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13.

9.8CVSS

9.6AI Score

0.004EPSS

2021-12-02 10:15 PM

cve

CVE-2022-35164

LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.

9.8CVSS

9.5AI Score

0.002EPSS

2022-08-18 05:15 AM