Product:

Libredwg

(Gnu)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 87
Date Id Summary Products Score Patch Annotated
2022-06-23 CVE-2022-33032 LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c. Libredwg 7.8
2022-11-30 CVE-2022-45332 LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. Libredwg 7.8
2021-05-17 CVE-2020-21827 A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379. Libredwg 7.8
2021-05-17 CVE-2020-21839 An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. Libredwg 6.5
2020-01-08 CVE-2020-6609 GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. Libredwg, Backports_sle, Leap 8.8
2020-01-08 CVE-2020-6611 GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. Libredwg, Backports_sle, Leap 6.5
2020-01-08 CVE-2020-6612 GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. Libredwg, Backports_sle, Leap 8.1
2020-01-08 CVE-2020-6613 GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. Libredwg, Backports_sle, Leap 8.1
2020-01-08 CVE-2020-6614 GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c. Libredwg, Backports_sle, Leap 8.1
2020-01-08 CVE-2020-6615 GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). Libredwg, Backports_sle, Leap 6.5