OSV-2025-324

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2025-324.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-324

Published

2025-05-05T00:11:42.580777Z

Modified

2025-05-05T00:11:42.581345Z

Summary

Index-out-of-bounds in dwg_decode_eed

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=415083665

Crash type: Index-out-of-bounds
Crash state:
dwg_decode_eed
dwg_decode_entity
dwg_decode_ATTDEF_private

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=415083665

Affected packages

OSS-Fuzz / libredwg

Package

Name: libredwg
Purl: pkg:generic/libredwg

Affected ranges

Type: GIT
Repo: https://github.com/LibreDWG/libredwg
Events: Introduced

b76f99df5bf29af8f0b9bfdeb79793f8b821e247

Fixed

b9a2494135a52c1fbc357b93d4238315e17763b6

Affected versions

0.*

0.13.3.7424

0.13.3.7426

0.13.3.7429

0.13.3.7431

0.13.3.7434

0.13.3.7437

0.13.3.7442

0.13.3.7445

0.13.3.7453

0.13.3.7456

0.13.3.7460

0.13.3.7466

0.13.3.7469

0.13.3.7472

0.13.3.7473

0.13.3.7483

0.13.3.7491

0.13.3.7501

0.13.3.7507

0.13.3.7516

0.13.3.7533

0.13.3.7534

0.13.3.7535

0.13.3.7539

0.13.3.7545

0.13.3.7551

0.13.3.7552

0.13.3.7554

0.13.3.7557

0.13.3.7558

0.13.3.7562

0.13.3.7571

0.13.3.7574

0.13.3.7577

0.13.3.7582

0.13.3.7599

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "0d71418532275597c42f1ab93fe7d62a095ea1d2:47a07e5fadfd335adf63cb3ff995edbda86565a3",
    "fixed_range": "9ddc300523987a7245db30a3cdd62b662c86ff74:b9a2494135a52c1fbc357b93d4238315e17763b6"
}