rpm package
opensuse/libredwg&distro=openSUSE Leap 15.1
pkg:rpm/opensuse/libredwg&distro=openSUSE%20Leap%2015.1
Vulnerabilities (24)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-6609 | — | < 0.10-lp151.2.6.1 | 0.10-lp151.2.6.1 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. | ||
| CVE-2020-6610 | — | < 0.10-lp151.2.6.1 | 0.10-lp151.2.6.1 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | ||
| CVE-2020-6611 | — | < 0.10-lp151.2.6.1 | 0.10-lp151.2.6.1 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | ||
| CVE-2020-6612 | — | < 0.10-lp151.2.6.1 | 0.10-lp151.2.6.1 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. | ||
| CVE-2020-6613 | — | < 0.10-lp151.2.6.1 | 0.10-lp151.2.6.1 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. | ||
| CVE-2020-6614 | — | < 0.10-lp151.2.6.1 | 0.10-lp151.2.6.1 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c. | ||
| CVE-2020-6615 | — | < 0.10-lp151.2.6.1 | 0.10-lp151.2.6.1 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | ||
| CVE-2019-20009 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | ||
| CVE-2019-20011 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. | ||
| CVE-2019-20012 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. | ||
| CVE-2019-20013 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | ||
| CVE-2019-20014 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. | ||
| CVE-2019-20015 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | ||
| CVE-2019-20010 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. | ||
| CVE-2019-9779 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776). | ||
| CVE-2019-9778 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec. | ||
| CVE-2019-9777 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec. | ||
| CVE-2019-9776 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779). | ||
| CVE-2019-9775 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec. | ||
| CVE-2019-9774 | — | < 0.9.3-lp151.2.3.1 | 0.9.3-lp151.2.3.1 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c. |
- CVE-2020-6609Jan 8, 2020affected < 0.10-lp151.2.6.1fixed 0.10-lp151.2.6.1
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
- CVE-2020-6610Jan 8, 2020affected < 0.10-lp151.2.6.1fixed 0.10-lp151.2.6.1
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
- CVE-2020-6611Jan 8, 2020affected < 0.10-lp151.2.6.1fixed 0.10-lp151.2.6.1
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
- CVE-2020-6612Jan 8, 2020affected < 0.10-lp151.2.6.1fixed 0.10-lp151.2.6.1
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
- CVE-2020-6613Jan 8, 2020affected < 0.10-lp151.2.6.1fixed 0.10-lp151.2.6.1
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.
- CVE-2020-6614Jan 8, 2020affected < 0.10-lp151.2.6.1fixed 0.10-lp151.2.6.1
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.
- CVE-2020-6615Jan 8, 2020affected < 0.10-lp151.2.6.1fixed 0.10-lp151.2.6.1
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
- CVE-2019-20009Dec 27, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
- CVE-2019-20011Dec 27, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
- CVE-2019-20012Dec 27, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.
- CVE-2019-20013Dec 27, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
- CVE-2019-20014Dec 27, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
- CVE-2019-20015Dec 27, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
- CVE-2019-20010Dec 27, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
- CVE-2019-9779Mar 14, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
- CVE-2019-9778Mar 14, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
- CVE-2019-9777Mar 14, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
- CVE-2019-9776Mar 14, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).
- CVE-2019-9775Mar 14, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
- CVE-2019-9774Mar 14, 2019affected < 0.9.3-lp151.2.3.1fixed 0.9.3-lp151.2.3.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
Page 1 of 2