gnu libredwg CVE 漏洞（88）

CVE 數: 88 CPE versions: View versions table

摘要

本頁列出影響 gnu libredwg 的已公開 CVE 漏洞（透過 NVD CPE 關聯）。每列包含嚴重程度評分、摘要與發布日期，便於識別與分析安全議題。

CVE	摘要	來源	最高 CVSS	EPSS %	公開時間	更新時間
CVE-2025-61154	Heap buffer overflow vulnerability in LibreDWG versions v0.13.3.7571 up to v0.13.3.7835 allows a crafted DWG file to cause a Denial of Service (DoS) via the function decompress_R2004_section at decode.c.	[email protected]	6.5	0.05%	2026-03-12	2026-06-02
CVE-2023-26157	Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.	[email protected]	5.5	0.04%	2024-01-02	2024-11-21
CVE-2023-36274	LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.	[email protected]	8.8	0.16%	2023-06-23	2025-03-14
CVE-2023-36273	LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.	[email protected]	8.8	0.16%	2023-06-23	2024-11-21
CVE-2023-36272	LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.	[email protected]	8.8	0.16%	2023-06-23	2025-04-08
CVE-2023-36271	LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.	[email protected]	8.8	0.16%	2023-06-23	2025-03-14
CVE-2023-25222	A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c.	[email protected]	8.8	0.44%	2023-03-01	2024-11-21
CVE-2022-45332	LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.	[email protected]	7.8	0.09%	2022-11-30	2025-04-24
CVE-2022-35164	LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.	[email protected]	9.8	0.36%	2022-08-18	2024-11-21
CVE-2022-33034	LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.	[email protected]	7.8	0.25%	2022-06-23	2024-11-21
CVE-2022-33033	LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.	[email protected]	7.8	0.24%	2022-06-23	2024-11-21
CVE-2022-33032	LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.	[email protected]	7.8	0.24%	2022-06-23	2024-11-21
CVE-2022-33028	LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.	[email protected]	7.8	0.24%	2022-06-23	2024-11-21
CVE-2022-33027	LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.	[email protected]	7.8	0.24%	2022-06-23	2024-11-21
CVE-2022-33026	LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.	[email protected]	7.8	0.25%	2022-06-23	2024-11-21
CVE-2022-33025	LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.	[email protected]	7.8	0.10%	2022-06-23	2024-11-21
CVE-2022-33024	There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain , Dwg_Data ' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608.	[email protected]	7.5	0.27%	2022-06-23	2024-11-21
CVE-2021-42586	A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.	[email protected]	8.8	0.40%	2022-05-23	2024-11-21
CVE-2021-42585	A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.	[email protected]	8.8	0.40%	2022-05-23	2024-11-21
CVE-2021-45950	LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).	[email protected]	6.5	0.23%	2022-01-01	2024-11-21

cvelogic Threat Intelligence