5 matches found
CVE-2022-33028
CVE-2022-33028 affects LibreDWG (v0.12.4.4608). A heap buffer overflow is triggered by the function dwg_add_object in decode.c. The vulnerability is documented across multiple sources (NVD, Red Hat, SUSE, CNVD, etc.) with impact described as partial to high on confidentiality, integrity, and avai...
CVE-2022-33027
LibreDWG v0.12.4.4608 contains a heap-use-after-free vulnerability triggered by the function dwg_add_handleref in dwg.c. Multiple sources (including Red Hat, SUSE, PRION/PT-Security entries) corroborate this issue without publicly available patch details in the provided documents. Exploitation st...
CVE-2022-33025
CVE-2022-33025 affects LibreDWG, specifically v0.12.4.4608, with a heap-use-after-free in decode_preR13_section (decode_r11.c). The issue is addressed in LibreDWG v0.12.5.5907, per the openSUSE/SU (openSUSE-SU-2023:0201-1) advisory and the OSV entry for OPENSUSE-SU-2023:0201-1, which list CVE-202...
CVE-2022-33026
CVE-2022-33026 affects LibreDWG v0.12.4.4608, where the heap buffer overflow is triggered in the bit_calc_CRC function in bits.c. The vulnerability is documented across multiple sources (LibreDWG-related CVE coverage, Red Hat SUSE/CNVD entries) with CVSS indicating a high-impact scenario (confide...
CVE-2022-33032
Affected software: LibreDWG v0.12.4.4608. Root cause: heap-buffer-overflow in the function decode_preR13_section_hdr located in decode_r11.c. Impact: memory corruption with potential execution of arbitrary code (as described by PT-2022-21657). Status / remediation: no patch/version fix informatio...