Vulnerabilities > GNU > Libredwg > 0.10.2635

DATE CVE VULNERABILITY TITLE RISK
2024-01-02 CVE-2023-26157 Out-of-bounds Read vulnerability in GNU Libredwg
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
network
low complexity
gnu CWE-125
7.5
7.5
2022-05-23 CVE-2021-42585 Out-of-bounds Write vulnerability in GNU Libredwg
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
network
gnu CWE-787
6.8
6.8
2022-05-23 CVE-2021-42586 Out-of-bounds Write vulnerability in GNU Libredwg
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
network
gnu CWE-787
6.8
6.8
2020-07-17 CVE-2020-15807 NULL Pointer Dereference vulnerability in GNU Libredwg
GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.
network
gnu CWE-476
4.3
4.3