MGASA-2022-0152
- Source
- https://advisories.mageia.org/MGASA-2022-0152.html
- Import Source
- https://advisories.mageia.org/MGASA-2022-0152.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2022-0152
- Related
- Published
- 2022-04-24T10:43:54Z
- Modified
- 2022-04-24T10:02:16Z
- Summary
- Updated librecad packages fix security vulnerability
- Details
-
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. (CVE-2021-45341)
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. (CVE-2021-45342)
- References
-
- https://advisories.mageia.org/MGASA-2022-0152.html
- https://bugs.mageia.org/show_bug.cgi?id=29996
- https://www.debian.org/lts/security/2022/dla-2908
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MBLTKH2Q6OBOLSNHIKPW74SFFSC5A2BB/
- https://www.debian.org/security/2022/dsa-5077
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:8 / librecad
Package
- Name
- librecad
- Purl
- pkg:rpm/mageia/librecad?distro=mageia-8