CVE-2020-23861
Published
CVSS v3
5.5
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.
Official mirror of libredwg. With CI hooks and nightly releases. PR's ok
GitHub