OSV-2026-995

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2026-995.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-995
Published
2026-06-29T00:21:08.898692Z
Modified
2026-06-30T14:52:30.093783Z
Summary
Heap-double-free in dxf_entities_read
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=528859714

Crash type: Heap-double-free
Crash state:
dxf_entities_read
dwg_read_dxf
llvmfuzz.c
References

Affected packages

OSS-Fuzz / libredwg

Package

Name
libredwg
Purl
pkg:generic/libredwg

Affected ranges

Affected versions

0.*
0.14
0.14.8363
0.14.8367

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2026-995.yaml"
introduced_range
"08c034a224a4e9512b1cd62e74b5cf081a4cfa89:360ed38a2c4f948689e5f9851a744016928becdc"
fixed_range
"d9468ae948b8f07a08efa756c19f8916052358c0:30f4304649433c690a62d6d0940c98a0371fda96"