CVE-2021-43582
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-43582
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A Use-After-Free Remote Vulnerability exists when reading a DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Open Design Alliance Drawings SDK 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Open Design Alliance Drawings SDK是美国Open Design Alliance公司的一款应用于图纸设计的软件开发包。该开发包通过方便的,面向对象的API访问.dwg和.dgn中的数据,提供C++API、支持修复文件、.NET,JAVA,Python开发语言的支持等功能。 Open Design Alliance Drawings SDK 存在安全漏洞,该漏洞源于DWG文件解析中存在特定缺陷。该问题是由于在对对象执行操作之前未验证对象的存在而导致的。攻击者可以利用此漏洞在当
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2021-43582
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-43582
请登录查看更多情报信息。
- https://www.zerodayinitiative.com/advisories/ZDI-21-1353/x_refsource_MISC
- ODA Security Advisories | Open Design Alliancex_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2021-43582
Same Patch Batch · n/a · 2021-11-22 · 30 CVEs total
| CVE-2021-23732 | 9.0 CRITICAL | Arbitrary Code Execution |
| CVE-2021-23718 | 6.5 MEDIUM | Server-side Request Forgery (SSRF) |
| CVE-2021-23673 | 5.4 MEDIUM | Cross-site Scripting (XSS) |
| CVE-2021-38378 | Open-xchange OX App Suite 安全漏洞 | |
| CVE-2021-44079 | Wazuh 命令注入漏洞 | |
| CVE-2021-33488 | Open-xchange OX App Suite 输入验证错误漏洞 | |
| CVE-2021-33489 | Open-xchange OX App Suite 跨站脚本漏洞 | |
| CVE-2021-33490 | Open-xchange OX App Suite 跨站脚本漏洞 | |
| CVE-2021-33491 | Open-xchange OX App Suite 路径遍历漏洞 | |
| CVE-2021-33492 | Open-xchange OX App Suite 跨站脚本漏洞 | |
| CVE-2021-33493 | Open-xchange OX App Suite 代码注入漏洞 | |
| CVE-2021-33494 | Open-xchange OX App Suite 跨站脚本漏洞 | |
| CVE-2021-33495 | Open-xchange OX App Suite 跨站脚本漏洞 | |
| CVE-2021-38146 | Wipro Holmes Orchestrator 路径遍历漏洞 | |
| CVE-2021-38374 | Open-xchange OX App Suite 跨站脚本漏洞 | |
| CVE-2021-38375 | Open-xchange OX App Suite 跨站脚本漏洞 | |
| CVE-2021-38376 | Open-xchange OX App Suite 授权问题漏洞 | |
| CVE-2021-38377 | Open-xchange OX App Suite 安全特征问题特征问题漏洞 | |
| CVE-2020-22719 | Shimo Document 跨站脚本漏洞 | |
| CVE-2021-43581 | Open Design Alliance Drawings SDK 缓冲区错误漏洞 |
Showing top 20 of 30 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2021-43582
No comments yet