{"id":"CVE-2019-20914","details":"An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.","modified":"2026-04-11T09:39:57.071619Z","published":"2020-07-16T18:15:13.597Z","references":[{"type":"FIX","url":"https://github.com/LibreDWG/libredwg/commit/3b837bb72d6b9ab4d563faa211f90efc257e3c96"},{"type":"EVIDENCE","url":"https://github.com/LibreDWG/libredwg/issues/178"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libredwg/libredwg","events":[{"introduced":"0"},{"last_affected":"ece161fd5e396fdb4094bdba027c5ea8476f73af"},{"fixed":"3b837bb72d6b9ab4d563faa211f90efc257e3c96"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.9.3"}]}}],"versions":["0.3","0.4-dev","0.4.900","0.4.924","0.4.938","0.5","0.6","0.6.1","0.6.2","0.7","0.8","0.9","0.9.1","0.9.2","0.9.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-20914.json","vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["329011182343971931175772634963691244782","203683506821898681955471721114965828673","14751010109900732949469914265842609795","309491728688545258711996058050702498464"]},"signature_version":"v1","id":"CVE-2019-20914-7a33efd5","deprecated":false,"target":{"file":"src/encode.c"},"source":"https://github.com/libredwg/libredwg/commit/3b837bb72d6b9ab4d563faa211f90efc257e3c96","signature_type":"Line"},{"digest":{"threshold":0.9,"line_hashes":["80152542567558847716377521316695982517","288819481939200924088477269983121140019","300843498636443174961961206391604084461","297278089582080075443100519337723316546"]},"signature_version":"v1","id":"CVE-2019-20914-859cf1cf","deprecated":false,"target":{"file":"programs/dwgrewrite.c"},"source":"https://github.com/libredwg/libredwg/commit/3b837bb72d6b9ab4d563faa211f90efc257e3c96","signature_type":"Line"},{"digest":{"function_hash":"31679730145492592359646180774799545980","length":560},"signature_version":"v1","id":"CVE-2019-20914-9dd380db","deprecated":false,"target":{"function":"dwg_encode_header_variables","file":"src/encode.c"},"source":"https://github.com/libredwg/libredwg/commit/3b837bb72d6b9ab4d563faa211f90efc257e3c96","signature_type":"Function"},{"digest":{"function_hash":"236799854757892857900754633525611796053","length":4360},"signature_version":"v1","id":"CVE-2019-20914-e7c25456","deprecated":false,"target":{"function":"main","file":"programs/dwgrewrite.c"},"source":"https://github.com/libredwg/libredwg/commit/3b837bb72d6b9ab4d563faa211f90efc257e3c96","signature_type":"Function"}],"vanir_signatures_modified":"2026-04-11T09:39:57Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}