CVE-2021-45950
First published: Fri Dec 31 2021(Updated: )
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNU LibreDWG | >=0.12.4.4313<=0.12.4.4367 | |
| >=0.12.4.4313<=0.12.4.4367 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this LibreDWG vulnerability?
The vulnerability ID of this LibreDWG vulnerability is CVE-2021-45950.
What is the severity of CVE-2021-45950?
The severity of CVE-2021-45950 is medium (6.5).
What is the affected software?
The affected software for CVE-2021-45950 is GNU LibreDWG versions 0.12.4.4313 through 0.12.4.4367.
What is the CWE ID of this vulnerability?
The CWE ID of this vulnerability is CWE-787.
How can I fix CVE-2021-45950?
To fix CVE-2021-45950, it is recommended to update GNU LibreDWG to a version beyond 0.12.4.4367.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/first-publish-date
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/tags
- agent/source
- vendor/gnu
- canonical/gnu libredwg
- version/gnu libredwg/0.12.4.4313
- version/gnu libredwg/0.12.4.4367