GNU LibreDWG 0.10

CPE Details

GNU LibreDWG 0.10
0.10
2020-05-29
16h07 +00:00
2020-05-29
16h07 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*

Informations

Vendor

gnu

Product

libredwg

Version

0.10

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-26157 2024-01-02 05h00 +00:00 Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
7.5
High
CVE-2023-36271 2023-06-23 00h00 +00:00 LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
8.8
High
CVE-2023-36272 2023-06-23 00h00 +00:00 LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
8.8
High
CVE-2022-35164 2022-08-18 02h49 +00:00 LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.
9.8
Critical
CVE-2021-42586 2022-05-23 08h39 +00:00 A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
8.8
High
CVE-2021-42585 2022-05-23 08h35 +00:00 A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
8.8
High
CVE-2021-39525 2021-09-20 13h28 +00:00 An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow.
8.8
High
CVE-2021-39523 2021-09-20 13h26 +00:00 An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.
6.5
Medium
CVE-2021-39527 2021-09-20 13h26 +00:00 An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow.
8.8
High
CVE-2021-39528 2021-09-20 13h26 +00:00 An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free.
8.8
High
CVE-2021-39530 2021-09-20 13h26 +00:00 An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow.
8.8
High
CVE-2021-39521 2021-09-20 13h26 +00:00 An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service.
6.5
Medium
CVE-2021-39522 2021-09-20 13h26 +00:00 An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow.
8.8
High
CVE-2020-21831 2021-05-17 19h08 +00:00 A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637.
8.8
High
CVE-2020-21844 2021-05-17 19h06 +00:00 GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.
8.8
High
CVE-2020-21843 2021-05-17 19h03 +00:00 A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.
8.8
High
CVE-2020-21842 2021-05-17 19h01 +00:00 A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
8.8
High
CVE-2020-21841 2021-05-17 18h59 +00:00 A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
8.8
High
CVE-2020-21840 2021-05-17 18h58 +00:00 A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
8.8
High
CVE-2020-21839 2021-05-17 18h55 +00:00 An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.
6.5
Medium
CVE-2020-21838 2021-05-17 18h41 +00:00 A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
8.8
High
CVE-2020-21836 2021-05-17 18h33 +00:00 A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175.
8.8
High
CVE-2020-21835 2021-05-17 18h28 +00:00 A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.
6.5
Medium
CVE-2020-21834 2021-05-17 18h25 +00:00 A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
6.5
Medium
CVE-2020-21833 2021-05-17 18h23 +00:00 A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.
8.8
High
CVE-2020-21832 2021-05-17 18h20 +00:00 A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417.
8.8
High
CVE-2020-21830 2021-05-17 18h09 +00:00 A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213.
8.8
High
CVE-2020-21827 2021-05-17 17h46 +00:00 A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379.
7.8
High
CVE-2020-15807 2020-07-17 13h35 +00:00 GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.
6.5
Medium