CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2019-20011
https://notcve.org/view.php?id=CVE-2019-20011
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. Se detectó un problema en GNU LibreDWG versión 0.92. Se presenta una lectura excesiva del búfer en la región heap de la memoria en la función decode_R13_R2000 en el archivo decode.c. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643439 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2019-20012
https://notcve.org/view.php?id=CVE-2019-20012
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. Se detectó un problema en GNU LibreDWG versión 0.92. Una entrada diseñada conllevará a un intento de asignación de memoria excesiva en la función dwg_decode_HATCH_private en el archivo dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643088 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2019-20013
https://notcve.org/view.php?id=CVE-2019-20013
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. Se detectó un problema en GNU LibreDWG versiones anteriores a 0.93. Una entrada diseñada conllevará a un intento de asignación de memoria excesiva en la función decode_3dsolid en el archivo dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/compare/0.9.2...0.9.3 https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643060 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2019-20014
https://notcve.org/view.php?id=CVE-2019-20014
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. Se detectó un problema en GNU LibreDWG versiones anteriores a 0.93. Se presenta una doble liberación en la función dwg_free en el archivo free.c. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/compare/0.9.2...0.9.3 https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643172 • CWE-415: Double Free •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2019-20015
https://notcve.org/view.php?id=CVE-2019-20015
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. Se detectó un problema en GNU LibreDWG versión 0.92. Una entrada diseñada conllevará a un intento de asignación de memoria excesiva en la función dwg_decode_LWPOLYLINE_private en el archivo dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643028 • CWE-770: Allocation of Resources Without Limits or Throttling •