OSV-2023-1186

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2023-1186.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-1186
Published
2023-11-20T13:02:13.320596Z
Modified
2024-04-27T14:07:56.082417Z
Summary
Heap-use-after-free in dxf_tables_read
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64318

Crash type: Heap-use-after-free READ 8
Crash state:
dxf_tables_read
dwg_read_dxf
llvmfuzz.c
References

Affected packages

OSS-Fuzz / libredwg

Package

Name
libredwg
Purl
pkg:generic/libredwg

Affected ranges

Type
GIT
Repo
https://github.com/LibreDWG/libredwg
Events
Introduced
8ae1f0216bf015cb9d68a64feaca929b7069a9b7
Fixed
6f43e71f4cbddf96d47648f36161a9815389b50a

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "7d9fc3da44bbdb60a40d2dabd167341462434362:6f43e71f4cbddf96d47648f36161a9815389b50a"
}