PT-2022-21658 · Libredwg · Libredwg

Cxlzff

Published

2022-06-22

Updated

2022-06-29

CVE-2022-33033

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions LibreDWG version 0.12.4.4608

Description A double-free issue was discovered in the dwg read file function at dwg.c. This issue affects the processing of files, potentially leading to memory corruption.

Recommendations For LibreDWG version 0.12.4.4608, consider restricting access to the dwg read file function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

CVE-2022-33033

Affected Products

Libredwg

PT-2022-21658 · Libredwg · Libredwg

CVE-2022-33033

Weakness Enumeration

Related Identifiers

Affected Products

References · 4