CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 2CVE-2019-9771
https://notcve.org/view.php?id=CVE-2019-9771
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c. Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay una desreferencia de puntero NULL en la función bit_convert_TU en bits.c. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html http://www.securityfocus.com/bid/107447 https://github.com/LibreDWG/libredwg/issues/99 https://savannah.gnu.org/bugs/index.php?55893 • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 1%CPEs: 4EXPL: 1CVE-2019-9775
https://notcve.org/view.php?id=CVE-2019-9775
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec. Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay una lectura fuera de límites en la función dwg_dxf_BLOCK_CONTROL en dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html http://www.securityfocus.com/bid/107447 https://github.com/LibreDWG/libredwg/issues/99 https://savannah.gnu.org/bugs/index.php?55893 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2019-9772
https://notcve.org/view.php?id=CVE-2019-9772
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec. Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay una desreferencia de puntero NULL en la función dwg_dxf_LEADER en dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html http://www.securityfocus.com/bid/107447 https://github.com/LibreDWG/libredwg/issues/99 https://savannah.gnu.org/bugs/index.php?55893 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-9778
https://notcve.org/view.php?id=CVE-2019-9778
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec. Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función dwg_dxf_LTYPE en dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html http://www.securityfocus.com/bid/107447 https://github.com/LibreDWG/libredwg/issues/99 https://savannah.gnu.org/bugs/index.php?55893 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14524
https://notcve.org/view.php?id=CVE-2018-14524
dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs. dwg_decode_eed en decode.c en GNU LibreDWG en versiones anteriores a la 0.6 conduce a una doble liberación (double free) en dwg_free_eed en free.c, porque no gestiona correctamente el valor obj->eed después de que ocurra una liberación. • https://github.com/LibreDWG/libredwg/issues/33 https://savannah.gnu.org/forum/forum.php?forum_id=9211 • CWE-415: Double Free •