Описание
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-20009
- https://github.com/LibreDWG/libredwg/issues/176
- https://github.com/LibreDWG/libredwg/issues/176#issue-541977765
- https://github.com/LibreDWG/libredwg/compare/0.9.2...0.9.3
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html
EPSS
Процентиль: 68%
0.00556
Низкий
CVE ID
Связанные уязвимости
CVSS3: 6.5
nvd
около 6 лет назад
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
CVSS3: 6.5
debian
около 6 лет назад
An issue was discovered in GNU LibreDWG before 0.93. Crafted input wil ...
EPSS
Процентиль: 68%
0.00556
Низкий