CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26157
https://notcve.org/view.php?id=CVE-2023-26157
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. Las versiones del paquete libredwg anteriores a 0.12.5.6384 son vulnerables a la Denegación de Servicio (DoS) debido a una lectura fuera de los límites que involucra section->num_pages en decode_r2007.c. • https://github.com/LibreDWG/libredwg/commit/c8cf03ce4c2315b146caf582ea061c0460193bcc https://github.com/LibreDWG/libredwg/issues/850 https://security.snyk.io/vuln/SNYK-UNMANAGED-LIBREDWG-6070730 • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36272
https://notcve.org/view.php?id=CVE-2023-36272
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. • https://github.com/LibreDWG/libredwg/issues/681#BUG1 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36274
https://notcve.org/view.php?id=CVE-2023-36274
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. • https://github.com/LibreDWG/libredwg/issues/677#BUG2 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36271
https://notcve.org/view.php?id=CVE-2023-36271
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. • https://github.com/LibreDWG/libredwg/issues/681#BUG2 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36273
https://notcve.org/view.php?id=CVE-2023-36273
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. • https://github.com/LibreDWG/libredwg/issues/677#BUG1 • CWE-787: Out-of-bounds Write •