Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-45950: oss-fuzz-vulns/OSV-2021-814.yaml at main · google/oss-fuzz-vulns

LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).

CVE
Open in Source
#google#git

Permalink

Cannot retrieve contributors at this time

id: OSV-2021-814

summary: UNKNOWN WRITE in dwg_free_BLOCK_private

details: |

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34766

Crash type: UNKNOWN WRITE

Crash state:

dwg_free_BLOCK_private

dwg_free_BLOCK

dwg_free_object

modified: ‘2021-10-12T00:09:35.151092Z’

published: ‘2021-05-30T00:00:24.550464Z’

references:

- type: REPORT

url: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34766

affected:

- package:

name: libredwg

ecosystem: OSS-Fuzz

ranges:

- type: GIT

repo: https://github.com/LibreDWG/libredwg

events:

- introduced: b37f533870d4921888cbbd633a738d3e6e95109e

versions:

- 0.12.4.4313

- 0.12.4.4317

- 0.12.4.4321

- 0.12.4.4324

- 0.12.4.4331

- 0.12.4.4338

- 0.12.4.4343

- 0.12.4.4348

- 0.12.4.4362

- 0.12.4.4364

- 0.12.4.4367

ecosystem_specific:

severity: null

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE