Assertion Failure in libredwg Affects Multiple Applications
CVE-2022-33024

7.5HIGH

Key Information:

Vendor: Gnu
Status: Libredwg
Vendor: CVE Published:; 23 June 2022

What is CVE-2022-33024?

A vulnerability has been identified in libredwg, where an assertion failure occurs in the function 'decode_preR13_entities' at line 5801 of decode.c. This issue could impact applications using this library, leading to potential disruptions or security risks. It is crucial for users and developers relying on libredwg to assess their current versions and apply relevant patches or updates to mitigate this issue.

References

https://github.com/LibreDWG/libredwg/issues/492

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2022
Vulnerability Reserved
Jun 13, 2022

Gnu

What is CVE-2022-33024?

References

CVSS V3.1

Timeline