Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libredwg
(Gnu)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 87 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-07-16 | CVE-2019-20911 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop. | Libredwg | N/A | ||
2020-07-16 | CVE-2019-20910 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011. | Libredwg | N/A | ||
2020-07-16 | CVE-2019-20909 | An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec. | Libredwg | N/A | ||
2019-12-27 | CVE-2019-20015 | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | Libredwg, Backports_sle, Leap | N/A | ||
2019-12-27 | CVE-2019-20014 | An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. | Libredwg, Backports_sle, Leap | N/A | ||
2019-12-27 | CVE-2019-20013 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | Libredwg, Backports_sle, Leap | N/A | ||
2019-12-27 | CVE-2019-20012 | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. | Libredwg, Backports_sle, Leap | N/A | ||
2019-12-27 | CVE-2019-20011 | An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. | Libredwg, Backports_sle, Leap | N/A | ||
2019-12-27 | CVE-2019-20010 | An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. | Libredwg, Backports_sle, Leap | N/A | ||
2019-12-27 | CVE-2019-20009 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | Libredwg, Backports_sle, Leap | N/A |