RSS   Podatności dla 'Libredwg'   RSS

2020-01-08
 
CVE-2020-6615

CWE-476
 

 
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).

 
 
CVE-2020-6614

CWE-125
 

 
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.

 
 
CVE-2020-6613

CWE-125
 

 
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.

 
 
CVE-2020-6612

CWE-125
 

 
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.

 
 
CVE-2020-6611

CWE-476
 

 
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.

 
 
CVE-2020-6610

CWE-400
 

 
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.

 
 
CVE-2020-6609

CWE-125
 

 
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.

 
2019-12-27
 
CVE-2019-20015

CWE-400
 

 
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.

 
 
CVE-2019-20014

CWE-415
 

 
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.

 
 
CVE-2019-20013

CWE-400
 

 
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.

 


Copyright 2020, cxsecurity.com

 

Back to Top