OSV-2023-855

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2023-855.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-855
Published
2023-09-15T14:01:06.818081Z
Modified
2024-04-27T14:22:00.114824Z
Summary
Heap-double-free in dwg_free_common_entity_data
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62367

Crash type: Heap-double-free
Crash state:
dwg_free_common_entity_data
dwg_free_POINTCLOUD
dwg_free_variable_no_class
References

Affected packages

OSS-Fuzz / libredwg

Package

Name
libredwg
Purl
pkg:generic/libredwg

Affected ranges

Type
GIT
Repo
https://github.com/LibreDWG/libredwg
Events
Introduced
8984c223f14dc81180ca5da66f92e5932992bb5c
Fixed
6f43e71f4cbddf96d47648f36161a9815389b50a

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "7d9fc3da44bbdb60a40d2dabd167341462434362:6f43e71f4cbddf96d47648f36161a9815389b50a"
}