Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libredwg
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 87 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-03-14 | CVE-2019-9772 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec. | Libredwg, Backports_sle, Leap | 7.5 | ||
| 2019-03-14 | CVE-2019-9774 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c. | Libredwg, Backports_sle, Leap | 9.1 | ||
| 2019-03-14 | CVE-2019-9777 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec. | Libredwg, Backports_sle, Leap | 7.5 | ||
| 2020-07-16 | CVE-2019-20915 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c. | Libredwg | N/A | ||
| 2020-07-16 | CVE-2019-20914 | An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec. | Libredwg | N/A | ||
| 2020-07-16 | CVE-2019-20913 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec. | Libredwg | N/A | ||
| 2020-07-16 | CVE-2019-20912 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF. | Libredwg | N/A | ||
| 2020-07-16 | CVE-2019-20911 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop. | Libredwg | N/A | ||
| 2020-07-16 | CVE-2019-20910 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011. | Libredwg | N/A | ||
| 2020-07-16 | CVE-2019-20909 | An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec. | Libredwg | N/A |