CVE-2019-9778

Опубликовано: 14 мар. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html
Third Party Advisory
http://www.securityfocus.com/bid/107447
Broken Link
Third Party Advisory
VDB Entry
https://github.com/LibreDWG/libredwg/issues/99
Exploit
Third Party Advisory
https://savannah.gnu.org/bugs/index.php?55893
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html
Third Party Advisory
http://www.securityfocus.com/bid/107447
Broken Link
Third Party Advisory
VDB Entry
https://github.com/LibreDWG/libredwg/issues/99
Exploit
Third Party Advisory
https://savannah.gnu.org/bugs/index.php?55893
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gnu:libredwg:0.7:*:*:*:*:*:*:*

cpe:2.3:a:gnu:libredwg:0.7.1645:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02388

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2019-9778

CVSS3: 7.5

debian

почти 7 лет назад

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...

GHSA-2r97-c5fx-x5hg

CVSS3: 7.5

github

больше 3 лет назад

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.

openSUSE-SU-2020:0068-1

suse-cvrf

около 6 лет назад

Security update for libredwg

EPSS

Процентиль: 85%

0.02388

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125