Known Vulnerabilities for Libredwg by Gnu
Listed below are 10 of the newest known vulnerabilities associated with "Libredwg" by "Gnu".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-39530 | An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39528 | An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39527 | An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39525 | An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39523 | An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_ha... | 6.5 - MEDIUM | 2021-09-20 | 2021-09-24 |
| CVE-2021-39522 | An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39521 | An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() loc... | 6.5 - MEDIUM | 2021-09-20 | 2021-09-24 |
| CVE-2021-36080 | GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode... | 8.8 - HIGH | 2021-07-01 | 2021-07-08 |
| CVE-2021-28237 | LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13. | 9.8 - CRITICAL | 2021-12-02 | 2021-12-06 |
| CVE-2021-28236 | LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c. | 7.5 - HIGH | 2021-12-02 | 2021-12-06 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gnu | Libredwg | 0.93 | All | All | All |
| Application | Gnu | Libredwg | 0.92 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2628 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2622 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2618 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2613 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2600 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2595 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2582 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2564 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2560 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2543 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2531 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2529 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2523 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2520 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2519 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2495 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2494 | All | All | All |
| Application | Gnu | Libredwg | 0.9.3.2492 | All | All | All |