A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:30
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
28 Oct 2022, 17:46
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/06/msg00008.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IMGMEPTYL7WTQ333J6SMC6MUHDMMWT3O/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BUOTYU3KKIYE4BEBUFA4MRS462P3OWM/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2H36XRMAPQBIOVIIFX6KUT5YOG2ETM6/ - Mailing List, Third Party Advisory |
12 Sep 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Sep 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE | CWE-191 |
28 Jul 2022, 10:38
Type | Values Removed | Values Added |
---|---|---|
First Time |
Fedoraproject
Fedoraproject fedora Debian Debian debian Linux Fedoraproject extra Packages For Enterprise Linux |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DA4C4X5GMM65VYLUW7Q7YL6P5NDB633A/ - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/06/msg00008.html - Third Party Advisory | |
CPE | cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
07 Jun 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 May 2022, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
16 Sep 2021, 14:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ribbonsoft:dxflib:3.17.0:*:*:*:*:*:*:* | |
References | (MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2021-1346 - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 8.8 |
CWE | CWE-787 |
08 Sep 2021, 17:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-09-08 16:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-21897
Mitre link : CVE-2021-21897
CVE.ORG link : CVE-2021-21897
JSON object : View
Products Affected
ribbonsoft
- dxflib
fedoraproject
- fedora
- extra_packages_for_enterprise_linux
debian
- debian_linux