CVE-2020-15807 — NULL Pointer Dereference in Libredwg

Severity

6.5MEDIUMNVD

EPSS

0.4%

top 38.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJul 17

Latest updateMay 24

Description

GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

GHSA

GHSA-hjvc-f345-6395: GNU LibreDWG before 0↗2022-05-24

▶

CVEList

CVE-2020-15807: GNU LibreDWG before 0↗2020-07-17

▶