Libredwg@* Security Vulnerabilities and Issues — Libredwg@* CVE List

Lucene search

GnuLibredwg*

8 matches found

CVE•added 2020/07/16 6:15 p.m.•43 views

CVE-2019-20913

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.

8.1CVSS7.9AI score0.00397EPSS

CVE•added 2020/07/16 6:15 p.m.•41 views

CVE-2019-20909

An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.

7.5CVSS7.4AI score0.00336EPSS

CVE•added 2020/07/16 6:15 p.m.•41 views

CVE-2019-20911

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.

6.5CVSS6.2AI score0.00285EPSS

CVE•added 2020/07/16 6:15 p.m.•38 views

CVE-2019-20914

An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.

9.8CVSS9.2AI score0.00372EPSS

CVE•added 2020/07/16 6:15 p.m.•38 views

CVE-2019-20915

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.

8.1CVSS7.9AI score0.00397EPSS

CVE•added 2020/07/16 6:15 p.m.•37 views

CVE-2019-20912

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.

8.8CVSS8.7AI score0.0042EPSS

CVE•added 2020/07/16 6:15 p.m.•36 views

CVE-2019-20910

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.

8.1CVSS8.2AI score0.0051EPSS

CVE•added 2020/07/17 4:15 p.m.•34 views

CVE-2020-15807

GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.

6.5CVSS6.4AI score0.00411EPSS