CVE-2022-33024

CWE-617 — Reachable Assertion3 documents3 sources

Severity

7.5HIGH

EPSS

0.3%

top 48.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Libredwg

Timeline

PublishedJun 23

Latest updateJun 24

Description

There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDgnu/libredwg0.12.4.4608

🔴Vulnerability Details

GHSA

GHSA-q69w-w5pf-j6wp: There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg↗2022-06-24

▶

CVEList

CVE-2022-33024: There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg↗2022-06-22

▶