CVE-2021-25176

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2021.11

Description: An issue exists when rendering malformed .DXF and .DWG files, allowing attackers to cause a crash, potentially enabling a denial of service attack. This is due to a NULL pointer dereference.

Recommendations: For versions prior to 2021.11, update to version 2021.11 or later to resolve the issue. As a temporary workaround, consider restricting the rendering of .DXF and .DWG files to minimize the risk of exploitation. Avoid using the software to render untrusted or malformed files until the issue is resolved.