Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Drawings_software_development_kit
(Opendesign)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-11-14 | CVE-2021-43390 | An Out-of-Bounds Write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. | Drawings_software_development_kit | 7.8 | ||
| 2021-11-14 | CVE-2021-43274 | A Use After Free Vulnerability exists in the Open Design Alliance Drawings SDK before 2022.11. The specific flaw exists within the parsing of DWF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. | Drawings_software_development_kit | 7.8 | ||
| 2021-11-14 | CVE-2021-43275 | A Use After Free vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.8. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. | Drawings_software_development_kit | 7.8 |