Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Libredwg
Total 87 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-20013 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
CVE-2020-6614 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.
CVE-2019-20010 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 6.8 MEDIUM 8.8 HIGH
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
CVE-2020-6612 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
CVE-2020-6615 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
CVE-2019-20009 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
CVE-2020-6611 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
CVE-2019-20012 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.
CVE-2019-20014 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 6.8 MEDIUM 8.8 HIGH
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
CVE-2020-6610 2 Gnu, Opensuse 3 Libredwg, Backports, Leap 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
CVE-2019-20011 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 6.8 MEDIUM 8.8 HIGH
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
CVE-2019-20015 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
CVE-2020-6609 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 6.8 MEDIUM 8.8 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
CVE-2020-6613 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.
CVE-2019-9779 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
CVE-2019-9774 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
CVE-2019-9775 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
CVE-2019-9770 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
CVE-2019-9773 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
CVE-2019-9776 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).