Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-36274: [FUZZ] two bugs in dwg2dxf · Issue #677 · LibreDWG/libredwg

LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.

CVE
#buffer_overflow

Comments

rurban changed the title [BUG] two bugs in dwg2dxf [FUZZ] two bugs in dwg2dxf

Mar 30, 2023

rurban added a commit that referenced this issue

Mar 30, 2023

Sanitize wrong auxheader_address or auxheader_size. Fixes part1 of GH #677

rurban added a commit that referenced this issue

Mar 30, 2023

1.: use unsigned length 2.: fix wrong size check for case 9, long len.

Fixes GH #677

rurban added a commit that referenced this issue

Mar 30, 2023

Sanitize wrong auxheader_address or auxheader_size. Fixes part1 of GH #677

rurban added a commit that referenced this issue

Mar 30, 2023

1.: use unsigned length 2.: fix wrong size check for case 9, long len.

Fixes GH #677

rurban added a commit that referenced this issue

Mar 30, 2023

Sanitize wrong auxheader_address or auxheader_size. Fixes part1 of GH #677

rurban added a commit that referenced this issue

Mar 30, 2023

1.: use unsigned length 2.: fix wrong size check for case 9, long len.

Fixes GH #677

rurban added a commit that referenced this issue

Mar 31, 2023

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907