CVE-2023-26157

Summary

Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.

Affected Software

VendorProductVersion RangeStatus
n/alibredwg0 < 0.12.5.6384affected

Weaknesses

  • CWE-400: Denial of Service (DoS)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References