CVE-2021-32950

Name of the Vulnerable Software and Affected Versions Drawings SDK versions prior to 2022.4

Description An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK, resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations.

Recommendations For versions prior to 2022.4, update to version 2022.4 or later to resolve the issue. As a temporary workaround, consider restricting the parsing of DXF files until a patch is available. Avoid using the Drawings SDK to parse untrusted DXF files until the issue is resolved.