CVE-2021-21900

Summary

A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aLibreCADLibreCad libdxfrw 2.2.0-rc2-19-ge02f3580affected

Weaknesses

  • CWE-416: CWE-416: Use After Free

ADP Enrichment

CVE Program Container

Additional References

References