CVE-2021-21899

Summary

A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aLibreCADLibreCad libdxfrw 2.2.0-rc2-19-ge02f3580affected

Weaknesses

  • CWE-119: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

ADP Enrichment

CVE Program Container

Additional References

References