3 matches found
CVE-2021-21898
CVE-2021-21898 affects LibreCAD/libdxfrw (2.2.0-rc2-19-ge02f3580). The vulnerability lies in dwgCompressor::decompress18(), where a crafted DWG can trigger an out-of-bounds write, enabling possible code execution. Public references from Gentoo GLSA, Debian DSA/DLA and openSUSE/NASL advisories con...
CVE-2021-21899
CVE-2021-21899 affects LibreCAD/libdxfrw: the heap buffer overflow in dwgCompressor::copyCompBytes21 when parsing crafted .dwg files can lead to code execution. Public advisories indicate multiple distro fixes (Debian DSA-5077, DLA-2838-1; Gentoo GLSA-202305-26; openSUSE/SUSE updates; Ubuntu USN-...
CVE-2021-21900
CVE-2021-21900 : A use-after-free in LibreCAD’s libdxfrw (dxfRW::processLType()) can be triggered by a crafted DXF file (LibreCAD libdxfrw 2.2.0-rc2-19-ge02f3580). Documented in advisories (e.g., GLSA-202305-26, openSUSE openSUSE-SU-2022:0067-1, Debian DSA-5077-1) as a potential for code executio...