CVE-2022-29522

Name of the Vulnerable Software and Affected Versions V-SFT versions prior to v6.1.6.0

Description A use after free vulnerability exists in the simulator module of the graphic editor V-SFT. This issue may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file.

Recommendations For versions prior to v6.1.6.0, update to version v6.1.6.0 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the simulator module in the graphic editor until a patch is available. Restrict access to specially crafted image files to minimize the risk of exploitation.