CVE-2021-21897

https://notcve.org/view.php?id=CVE-2021-21897

A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código en la funcionalidad DL_Dxf::handleLWPolylineData de Ribbonsoft dxflib versión 3.17.0. Un archivo .dxf especialmente diseñado puede conllevar a un desbordamiento del búfer de la pila. • https://lists.debian.org/debian-lts-announce/2022/06/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BUOTYU3KKIYE4BEBUFA4MRS462P3OWM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DA4C4X5GMM65VYLUW7Q7YL6P5NDB633A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IMGMEPTYL7WTQ333J6SMC6MUHDMMWT3O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L2H36XRMAPQBIOVIIFX6KUT5 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •