First published: Mon May 17 2021(Updated: )
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU LibreDWG | =0.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-21836.
The title of the vulnerability is 'A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview.'
The affected software is GNU LibreDWG 0.10.
The severity of CVE-2020-21836 is high with a CVSS score of 8.8.
To fix the vulnerability, it is recommended to update GNU LibreDWG to a version that does not contain the vulnerability.