Product:

Libredwg

(Gnu)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 87
Date Id Summary Products Score Patch Annotated
2022-08-18 CVE-2022-35164 LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain. Libredwg 9.8
2022-06-23 CVE-2022-33024 There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608. Libredwg 7.5
2022-06-23 CVE-2022-33033 LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. Libredwg 7.8
2022-06-23 CVE-2022-33034 LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. Libredwg 7.8
2022-05-23 CVE-2021-42585 A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. Libredwg 8.8
2022-05-23 CVE-2021-42586 A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. Libredwg 8.8
2019-03-14 CVE-2019-9773 An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension. Libredwg, Backports_sle, Leap 7.5
2019-03-14 CVE-2019-9775 An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec. Libredwg, Backports_sle, Leap 9.1
2019-03-14 CVE-2019-9776 An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779). Libredwg, Backports_sle, Leap 7.5
2019-03-14 CVE-2019-9778 An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec. Libredwg, Backports_sle, Leap 7.5