High severity7.8NVD Advisory· Published Apr 15, 2023· Updated Jun 17, 2026
CVE-2023-22669
CVE-2023-22669
Description
Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2023.6
Patches
Vulnerability mechanics
References
1- www.opendesign.com/security-advisoriesnvdVendor Advisory
News mentions
0No linked articles in our index yet.