Libredwg Security Vulnerabilities and Issues — Libredwg CVE List

Lucene search

GnuLibredwg

17 matches found

CVE•added 2019/12/27 1:15 a.m.•178 views

CVE-2019-20013

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.

6.5CVSS7.4AI score0.00556EPSS

CVE•added 2019/12/27 1:15 a.m.•171 views

CVE-2019-20010

An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.

8.8CVSS8.8AI score0.0051EPSS

CVE•added 2019/12/27 1:15 a.m.•171 views

CVE-2019-20011

An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.

8.8CVSS8.2AI score0.0051EPSS

CVE•added 2019/12/27 1:15 a.m.•171 views

CVE-2019-20012

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.

6.5CVSS7.4AI score0.00577EPSS

CVE•added 2019/12/27 1:15 a.m.•169 views

CVE-2019-20009

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.

6.5CVSS7.4AI score0.00556EPSS

CVE•added 2019/12/27 1:15 a.m.•169 views

CVE-2019-20015

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.

6.5CVSS7.4AI score0.00577EPSS

CVE•added 2019/12/27 1:15 a.m.•167 views

CVE-2019-20014

An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.

8.8CVSS8.8AI score0.0051EPSS

CVE•added 2019/03/14 9:29 a.m.•120 views

CVE-2019-9773

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.

7.5CVSS8.5AI score0.02801EPSS

CVE•added 2019/03/14 9:29 a.m.•120 views

CVE-2019-9775

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.

9.1CVSS9AI score0.03129EPSS

CVE•added 2019/03/14 9:29 a.m.•118 views

CVE-2019-9771

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.

7.5CVSS8.2AI score0.02523EPSS

CVE•added 2019/03/14 9:29 a.m.•115 views

CVE-2019-9777

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.

7.5CVSS8.3AI score0.02434EPSS

CVE•added 2019/03/14 9:29 a.m.•112 views

CVE-2019-9770

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.

7.5CVSS8.5AI score0.02893EPSS

CVE•added 2019/03/14 9:29 a.m.•110 views

CVE-2019-9774

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.

9.1CVSS9AI score0.03129EPSS

CVE•added 2019/03/14 9:29 a.m.•110 views

CVE-2019-9776

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).

7.5CVSS7.3AI score0.02442EPSS

CVE•added 2019/03/14 9:29 a.m.•110 views

CVE-2019-9779

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).

7.5CVSS7.3AI score0.02442EPSS

CVE•added 2019/03/14 9:29 a.m.•109 views

CVE-2019-9778

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.

7.5CVSS8.3AI score0.02434EPSS

CVE•added 2019/03/14 9:29 a.m.•29 views

CVE-2019-9772

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.

7.5CVSS8.2AI score0.02442EPSS