OSV-2025-324
See a problem?- Import Source
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2025-324.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/OSV-2025-324
- Published
- 2025-05-05T00:11:42.580777Z
- Modified
- 2025-05-05T00:11:42.581345Z
- Summary
- Index-out-of-bounds in dwg_decode_eed
- Details
-
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=415083665
Crash type: Index-out-of-bounds Crash state: dwg_decode_eed dwg_decode_entity dwg_decode_ATTDEF_private - References
Affected packages
OSS-Fuzz / libredwg
Package
- Name
- libredwg
- Purl
- pkg:generic/libredwg
Affected versions
0.*
0.13.3.7424
0.13.3.7426
0.13.3.7429
0.13.3.7431
0.13.3.7434
0.13.3.7437
0.13.3.7442
0.13.3.7445
0.13.3.7453
0.13.3.7456
0.13.3.7460
0.13.3.7466
0.13.3.7469
0.13.3.7472
0.13.3.7473
0.13.3.7483
0.13.3.7491
0.13.3.7501
0.13.3.7507
0.13.3.7516
0.13.3.7533
0.13.3.7534
0.13.3.7535
0.13.3.7539
0.13.3.7545
0.13.3.7551
0.13.3.7552
0.13.3.7554
0.13.3.7557
0.13.3.7558
0.13.3.7562
0.13.3.7571
0.13.3.7574
0.13.3.7577
0.13.3.7582
0.13.3.7599
Database specific
introduced_range
"0d71418532275597c42f1ab93fe7d62a095ea1d2:47a07e5fadfd335adf63cb3ff995edbda86565a3"
fixed_range
"9ddc300523987a7245db30a3cdd62b662c86ff74:b9a2494135a52c1fbc357b93d4238315e17763b6"
source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2025-324.yaml"