CVE-2022-28808Out-of-bounds Read in Drawings SDK

CWE-125Out-of-bounds Read4 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 65.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Opendesign Drawings SDK
Timeline
PublishedJul 17
Latest updateJul 18

Description

An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading DWG files in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-g857-242h-9m66: An issue was discovered in Open Design Alliance Drawings SDK before 20232022-07-18
CVEList
CVE-2022-28808: An issue was discovered in Open Design Alliance Drawings SDK before 20232022-07-17
CVE-2022-28808 — Out-of-bounds Read in Drawings SDK | cvebase