CVE-2021-32936

Name of the Vulnerable Software and Affected Versions Drawings SDK versions prior to 2022.4

Description An out-of-bounds write issue exists in the DXF file-recovering procedure due to the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer, allowing attackers to cause a denial-of-service condition or execute code in the context of the current process.

Recommendations For versions prior to 2022.4, update to version 2022.4 or later to resolve the issue. As a temporary workaround, consider restricting the processing of DXF files until a patch is available. Avoid using the Drawings SDK to parse untrusted DXF files until the issue is resolved.