CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2019-20013
https://notcve.org/view.php?id=CVE-2019-20013
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. Se detectó un problema en GNU LibreDWG versiones anteriores a 0.93. Una entrada diseñada conllevará a un intento de asignación de memoria excesiva en la función decode_3dsolid en el archivo dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/compare/0.9.2...0.9.3 https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643060 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2019-20014
https://notcve.org/view.php?id=CVE-2019-20014
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. Se detectó un problema en GNU LibreDWG versiones anteriores a 0.93. Se presenta una doble liberación en la función dwg_free en el archivo free.c. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/compare/0.9.2...0.9.3 https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643172 • CWE-415: Double Free •
CVSS: 9.1EPSS: 1%CPEs: 4EXPL: 1CVE-2019-9774
https://notcve.org/view.php?id=CVE-2019-9774
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c. Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay una lectura fuera de límites en la función bit_read_B en bits.c. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html http://www.securityfocus.com/bid/107447 https://github.com/LibreDWG/libredwg/issues/99 https://savannah.gnu.org/bugs/index.php?55893 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-9773
https://notcve.org/view.php?id=CVE-2019-9773
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension. Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función dwg_decode_eed_data en decode.c para la dimensión "z". • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html http://www.securityfocus.com/bid/107447 https://github.com/LibreDWG/libredwg/issues/99 https://savannah.gnu.org/bugs/index.php?55893 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-9779
https://notcve.org/view.php?id=CVE-2019-9779
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776). Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay una desreferencia de puntero NULL en la función dwg_dxf_LTYPE en dwg.spec (anterior a CVE-2019-9776). • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html http://www.securityfocus.com/bid/107447 https://github.com/LibreDWG/libredwg/issues/99 https://savannah.gnu.org/bugs/index.php?55893 • CWE-476: NULL Pointer Dereference •