VYPR

rpm package

opensuse/libredwg&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/libredwg&distro=openSUSE%20Leap%2015.5

Vulnerabilities (6)

  • CVE-2023-26157Jan 2, 2024
    affected < 0.12.5.6924-bp155.3.6.1fixed 0.12.5.6924-bp155.3.6.1

    Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.

  • CVE-2023-36274Jun 23, 2023
    affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1

    LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.

  • CVE-2023-36273Jun 23, 2023
    affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1

    LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.

  • CVE-2023-36272Jun 23, 2023
    affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1

    LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.

  • CVE-2023-36271Jun 23, 2023
    affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1

    LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.

  • CVE-2022-33025Jun 22, 2022
    affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1

    LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.