LibreDWG/libredwg

GitHub

github.com

savannah.gnu.org

Releases1.43K

Frequency4 days 8 hours

Last Release about 21 hours ago

Stars1.43K

Official mirror of libredwg. With CI hooks and nightly releases. PR's ok

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-9605 ↗	May 27, 2026Wednesday, 27 May 2026, 00:16	7.3 HIGH	7.5 HIGH
A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. Patch name: 8f03865f37f5d4ffd616fef802acc980be54d300. Applying a patch is the recommended action to fix this issue.
CVE-2026-9530 ↗	May 26, 2026Tuesday, 26 May 2026, 05:16	3.3 LOW	1.7 LOW
A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgbmp Utility. Executing a manipulation can lead to out-of-bounds read. The attack requires local access. The exploit has been made available to the public and could be used for attacks. This patch is called 8f03865f37f5d4ffd616fef802acc980be54d300. It is advisable to implement a patch to correct this issue.
CVE-2026-9529 ↗	May 26, 2026Tuesday, 26 May 2026, 05:16	3.3 LOW	1.7 LOW
A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function match_BLOCK_HEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been released to the public and may be used for attacks.
CVE-2026-9504 ↗	May 25, 2026Monday, 25 May 2026, 22:16	3.3 LOW	1.7 LOW
A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bit_convert_TU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. Patch name: be996bf2178a40e98720f18c2414815d244413db. Applying a patch is the recommended action to fix this issue.
CVE-2026-9503 ↗	May 25, 2026Monday, 25 May 2026, 21:16	3.3 LOW	1.7 LOW
A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwg_next_entity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. The patch is identified as 8f03865f37f5d4ffd616fef802acc980be54d300. Upgrading the affected component is advised.
CVE-2026-9500 ↗	May 25, 2026Monday, 25 May 2026, 21:16	5.3 MEDIUM	4.3 MEDIUM
A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
CVE-2026-9502 ↗	May 25, 2026Monday, 25 May 2026, 21:16	5.3 MEDIUM	4.3 MEDIUM
A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is e501cb9926c1e9a07a0d1cc997f3e69e9be801c9. To fix this issue, it is recommended to deploy a patch.
CVE-2026-9501 ↗	May 25, 2026Monday, 25 May 2026, 21:16	3.3 LOW	1.7 LOW
A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. This patch is called e501cb9926c1e9a07a0d1cc997f3e69e9be801c9. A patch should be applied to remediate this issue.
CVE-2025-61154 ↗	Mar 12, 2026Thursday, 12 March 2026, 19:16	6.5 MEDIUM	—
Heap buffer overflow vulnerability in LibreDWG versions v0.13.3.7571 up to v0.13.3.7835 allows a crafted DWG file to cause a Denial of Service (DoS) via the function decompress_R2004_section at decode.c.
CVE-2023-26157 ↗	Jan 2, 2024Tuesday, 2 January 2024, 05:15	5.5 MEDIUM	—
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
CVE-2023-36274 ↗	Jun 23, 2023Friday, 23 June 2023, 15:15	8.8 HIGH	—
LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
CVE-2023-36273 ↗	Jun 23, 2023Friday, 23 June 2023, 15:15	8.8 HIGH	—
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
CVE-2023-36272 ↗	Jun 23, 2023Friday, 23 June 2023, 15:15	8.8 HIGH	—
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
CVE-2023-36271 ↗	Jun 23, 2023Friday, 23 June 2023, 15:15	8.8 HIGH	—
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
CVE-2023-25222 ↗	Mar 1, 2023Wednesday, 1 March 2023, 15:15	8.8 HIGH	—
A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c.
CVE-2022-45332 ↗	Nov 30, 2022Wednesday, 30 November 2022, 03:15	7.8 HIGH	—
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
CVE-2022-35164 ↗	Aug 18, 2022Thursday, 18 August 2022, 05:15	9.8 CRITICAL	—
LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.
CVE-2022-33034 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	7.8 HIGH	6.8 MEDIUM
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
CVE-2022-33033 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	7.8 HIGH	6.8 MEDIUM
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.
CVE-2022-33032 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	7.8 HIGH	6.8 MEDIUM
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.
CVE-2022-33028 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	7.8 HIGH	6.8 MEDIUM
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.
CVE-2022-33027 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	7.8 HIGH	6.8 MEDIUM
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.
CVE-2022-33026 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	7.8 HIGH	6.8 MEDIUM
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
CVE-2022-33025 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	7.8 HIGH	6.8 MEDIUM
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.
CVE-2022-33024 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	7.5 HIGH	5 MEDIUM
There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain , Dwg_Data ' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608.
CVE-2021-42586 ↗	May 23, 2022Monday, 23 May 2022, 11:16	8.8 HIGH	6.8 MEDIUM
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
CVE-2021-42585 ↗	May 23, 2022Monday, 23 May 2022, 11:16	8.8 HIGH	6.8 MEDIUM
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
CVE-2021-28237 ↗	Dec 2, 2021Thursday, 2 December 2021, 22:15	9.8 CRITICAL	7.5 HIGH
LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13.
CVE-2021-28236 ↗	Dec 2, 2021Thursday, 2 December 2021, 22:15	7.5 HIGH	5 MEDIUM
LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c.
CVE-2021-39530 ↗	Sep 20, 2021Monday, 20 September 2021, 16:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow.
CVE-2021-39527 ↗	Sep 20, 2021Monday, 20 September 2021, 16:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow.
CVE-2021-39528 ↗	Sep 20, 2021Monday, 20 September 2021, 16:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free.
CVE-2021-39525 ↗	Sep 20, 2021Monday, 20 September 2021, 16:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow.
CVE-2021-39523 ↗	Sep 20, 2021Monday, 20 September 2021, 16:15	6.5 MEDIUM	4.3 MEDIUM
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.
CVE-2021-39522 ↗	Sep 20, 2021Monday, 20 September 2021, 16:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow.
CVE-2021-39521 ↗	Sep 20, 2021Monday, 20 September 2021, 16:15	6.5 MEDIUM	4.3 MEDIUM
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service.
CVE-2021-36080 ↗	Jul 1, 2021Thursday, 1 July 2021, 03:15	8.8 HIGH	6.8 MEDIUM
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
CVE-2020-23861 ↗	May 18, 2021Tuesday, 18 May 2021, 16:15	5.5 MEDIUM	4.3 MEDIUM
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.
CVE-2020-21843 ↗	May 17, 2021Monday, 17 May 2021, 22:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.
CVE-2020-21842 ↗	May 17, 2021Monday, 17 May 2021, 22:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
CVE-2020-21831 ↗	May 17, 2021Monday, 17 May 2021, 22:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637.
CVE-2020-21844 ↗	May 17, 2021Monday, 17 May 2021, 22:15	8.8 HIGH	6.8 MEDIUM
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.
CVE-2020-21838 ↗	May 17, 2021Monday, 17 May 2021, 21:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
CVE-2020-21839 ↗	May 17, 2021Monday, 17 May 2021, 21:15	6.5 MEDIUM	4.3 MEDIUM
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.
CVE-2020-21840 ↗	May 17, 2021Monday, 17 May 2021, 21:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
CVE-2020-21841 ↗	May 17, 2021Monday, 17 May 2021, 21:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
CVE-2020-21834 ↗	May 17, 2021Monday, 17 May 2021, 21:15	6.5 MEDIUM	4.3 MEDIUM
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
CVE-2020-21830 ↗	May 17, 2021Monday, 17 May 2021, 21:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213.
CVE-2020-21836 ↗	May 17, 2021Monday, 17 May 2021, 21:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175.
CVE-2020-21833 ↗	May 17, 2021Monday, 17 May 2021, 21:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.
CVE-2020-21835 ↗	May 17, 2021Monday, 17 May 2021, 21:15	6.5 MEDIUM	4.3 MEDIUM
A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.
CVE-2020-21832 ↗	May 17, 2021Monday, 17 May 2021, 21:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417.
CVE-2020-21827 ↗	May 17, 2021Monday, 17 May 2021, 20:15	7.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379.
CVE-2020-21819 ↗	May 17, 2021Monday, 17 May 2021, 19:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51.
CVE-2020-21814 ↗	May 17, 2021Monday, 17 May 2021, 19:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlwescape ../../programs/escape.c:97.
CVE-2020-21815 ↗	May 17, 2021Monday, 17 May 2021, 19:15	6.5 MEDIUM	4.3 MEDIUM
A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash).
CVE-2020-21816 ↗	May 17, 2021Monday, 17 May 2021, 19:15	8.8 HIGH	6.8 MEDIUM
A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46.
CVE-2020-21817 ↗	May 17, 2021Monday, 17 May 2021, 19:15	6.5 MEDIUM	4.3 MEDIUM
A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash).
CVE-2020-21818 ↗	May 17, 2021Monday, 17 May 2021, 19:15	8.8 HIGH	6.8 MEDIUM
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48.
CVE-2020-21813 ↗	May 17, 2021Monday, 17 May 2021, 18:15	7.8 HIGH	6.8 MEDIUM
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114.
CVE-2020-15807 ↗	Jul 17, 2020Friday, 17 July 2020, 16:15	6.5 MEDIUM	4.3 MEDIUM
GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.
CVE-2019-20915 ↗	Jul 16, 2020Thursday, 16 July 2020, 18:15	8.1 HIGH	5.8 MEDIUM
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.
CVE-2019-20910 ↗	Jul 16, 2020Thursday, 16 July 2020, 18:15	8.1 HIGH	5.8 MEDIUM
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.
CVE-2019-20911 ↗	Jul 16, 2020Thursday, 16 July 2020, 18:15	6.5 MEDIUM	4.3 MEDIUM
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.
CVE-2019-20912 ↗	Jul 16, 2020Thursday, 16 July 2020, 18:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
CVE-2019-20914 ↗	Jul 16, 2020Thursday, 16 July 2020, 18:15	9.8 CRITICAL	7.5 HIGH
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.
CVE-2019-20913 ↗	Jul 16, 2020Thursday, 16 July 2020, 18:15	8.1 HIGH	5.8 MEDIUM
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.
CVE-2019-20909 ↗	Jul 16, 2020Thursday, 16 July 2020, 18:15	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.
CVE-2020-6611 ↗	Jan 8, 2020Wednesday, 8 January 2020, 21:15	6.5 MEDIUM	4.3 MEDIUM
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
CVE-2020-6615 ↗	Jan 8, 2020Wednesday, 8 January 2020, 21:15	6.5 MEDIUM	4.3 MEDIUM
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
CVE-2020-6609 ↗	Jan 8, 2020Wednesday, 8 January 2020, 21:15	8.8 HIGH	6.8 MEDIUM
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
CVE-2020-6610 ↗	Jan 8, 2020Wednesday, 8 January 2020, 21:15	6.5 MEDIUM	4.3 MEDIUM
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
CVE-2020-6612 ↗	Jan 8, 2020Wednesday, 8 January 2020, 21:15	8.1 HIGH	5.8 MEDIUM
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
CVE-2020-6613 ↗	Jan 8, 2020Wednesday, 8 January 2020, 21:15	8.1 HIGH	5.8 MEDIUM
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.
CVE-2020-6614 ↗	Jan 8, 2020Wednesday, 8 January 2020, 21:15	8.1 HIGH	5.8 MEDIUM
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.
CVE-2019-20014 ↗	Dec 27, 2019Friday, 27 December 2019, 01:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
CVE-2019-20015 ↗	Dec 27, 2019Friday, 27 December 2019, 01:15	6.5 MEDIUM	4.3 MEDIUM
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
CVE-2019-20009 ↗	Dec 27, 2019Friday, 27 December 2019, 01:15	6.5 MEDIUM	4.3 MEDIUM
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
CVE-2019-20010 ↗	Dec 27, 2019Friday, 27 December 2019, 01:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
CVE-2019-20011 ↗	Dec 27, 2019Friday, 27 December 2019, 01:15	8.8 HIGH	6.8 MEDIUM
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
CVE-2019-20012 ↗	Dec 27, 2019Friday, 27 December 2019, 01:15	6.5 MEDIUM	4.3 MEDIUM
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.
CVE-2019-20013 ↗	Dec 27, 2019Friday, 27 December 2019, 01:15	6.5 MEDIUM	4.3 MEDIUM
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
CVE-2019-9778 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
CVE-2019-9777 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
CVE-2019-9779 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
CVE-2019-9772 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
CVE-2019-9776 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).
CVE-2019-9775 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	9.1 CRITICAL	6.4 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
CVE-2019-9774 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	9.1 CRITICAL	6.4 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
CVE-2019-9773 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
CVE-2019-9770 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
CVE-2019-9771 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	7.5 HIGH	5 MEDIUM
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
CVE-2018-14524 ↗	Jul 23, 2018Monday, 23 July 2018, 08:29	—	4.3 MEDIUM
dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.
CVE-2018-14471 ↗	Jul 20, 2018Friday, 20 July 2018, 16:29	—	4.3 MEDIUM
dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.