Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libredwg
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 87 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-23 | CVE-2022-33026 | LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | Libredwg | 7.8 | ||
| 2022-06-23 | CVE-2022-33027 | LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c. | Libredwg | 7.8 | ||
| 2022-06-23 | CVE-2022-33028 | LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c. | Libredwg | 7.8 | ||
| 2022-06-23 | CVE-2022-33032 | LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c. | Libredwg | 7.8 | ||
| 2022-11-30 | CVE-2022-45332 | LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | Libredwg | 7.8 | ||
| 2021-05-17 | CVE-2020-21827 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379. | Libredwg | 7.8 | ||
| 2021-05-17 | CVE-2020-21839 | An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. | Libredwg | 6.5 | ||
| 2020-01-08 | CVE-2020-6609 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. | Libredwg, Backports_sle, Leap | 8.8 | ||
| 2020-01-08 | CVE-2020-6611 | GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | Libredwg, Backports_sle, Leap | 6.5 | ||
| 2020-01-08 | CVE-2020-6612 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. | Libredwg, Backports_sle, Leap | 8.1 |