Описание
A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.1.2-1ubuntu0.1 |
| devel | needs-triage | |
| esm-apps/bionic | released | 2.1.2-1ubuntu0.1 |
| esm-apps/focal | released | 2.1.3-1.2+deb10u1build0.20.04.1 |
| esm-apps/jammy | released | 2.1.3-2 |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | released | 2.0.9-2ubuntu0.1~esm1 |
| focal | released | 2.1.3-1.2+deb10u1build0.20.04.1 |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
A code execution vulnerability exists in the dwgCompressor::copyCompBy ...
A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
Уязвимость функции dwgCompressor :: copyCompBytes21 библиотеки libdfxfw системы автоматизированного проектирования работ LibreCad, позволяющая нарушителю выполнить произвольный код
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3