CVE-2021-43274

Name of the Vulnerable Software and Affected Versions Open Design Alliance Drawings SDK versions prior to 2022.11

Description A Use After Free issue exists in the parsing of DWF files due to the lack of validation of an object's existence before performing operations on it. This can be leveraged by an attacker, in conjunction with other issues, to execute arbitrary code in the context of the current process.

Recommendations For versions prior to 2022.11, update to a version 2022.11 or later to resolve the issue. As a temporary workaround, consider restricting the parsing of DWF files until a patch is available.