A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21838
Reference (s):
- http://gnu.com
- http://libredwg.com
- https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492816