CVE-2023-30259Out-of-bounds Read in Librecad

CWE-125Out-of-bounds Read4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 87.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LibrecadDebian Librecad
Timeline
PublishedJun 28

Description

A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

debiandebian/librecad< librecad 2.2.0.2-1 (forky)
Debianlibrecad/librecad< 2.2.0.2-1+1

🔴Vulnerability Details

2
OSV
CVE-2023-30259: A Buffer Overflow vulnerability in importshp plugin in LibreCAD 22023-06-28
GHSA
GHSA-6hr9-9v75-c7qh: A Buffer Overflow vulnerability in importshp plugin in LibreCAD 22023-06-28

📋Vendor Advisories

1
Debian
CVE-2023-30259: librecad - A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows att...2023
CVE-2023-30259 — Out-of-bounds Read in Debian Librecad | cvebase