rpm package
opensuse/libredwg&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/libredwg&distro=openSUSE%20Leap%2015.5
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-26157 | — | < 0.12.5.6924-bp155.3.6.1 | 0.12.5.6924-bp155.3.6.1 | Jan 2, 2024 | Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | ||
| CVE-2023-36274 | — | < 0.12.5.5907-bp155.3.3.1 | 0.12.5.5907-bp155.3.3.1 | Jun 23, 2023 | LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. | ||
| CVE-2023-36273 | — | < 0.12.5.5907-bp155.3.3.1 | 0.12.5.5907-bp155.3.3.1 | Jun 23, 2023 | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | ||
| CVE-2023-36272 | — | < 0.12.5.5907-bp155.3.3.1 | 0.12.5.5907-bp155.3.3.1 | Jun 23, 2023 | LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. | ||
| CVE-2023-36271 | — | < 0.12.5.5907-bp155.3.3.1 | 0.12.5.5907-bp155.3.3.1 | Jun 23, 2023 | LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. | ||
| CVE-2022-33025 | — | < 0.12.5.5907-bp155.3.3.1 | 0.12.5.5907-bp155.3.3.1 | Jun 22, 2022 | LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c. |
- CVE-2023-26157Jan 2, 2024affected < 0.12.5.6924-bp155.3.6.1fixed 0.12.5.6924-bp155.3.6.1
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
- CVE-2023-36274Jun 23, 2023affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1
LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
- CVE-2023-36273Jun 23, 2023affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
- CVE-2023-36272Jun 23, 2023affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
- CVE-2023-36271Jun 23, 2023affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
- CVE-2022-33025Jun 22, 2022affected < 0.12.5.5907-bp155.3.3.1fixed 0.12.5.5907-bp155.3.3.1
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.