GCVE - cpe:2.3:a:n/a:librecad:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:librecad:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Librecad (`5e0cd52d-2748-5113-8d9a-bd112461e698`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-21900`	vulnerable	2026-06-08 05:29:13.385281	Details available HIGH (8.8) A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability. Published: 2021-11-19T00:00:00.000Z Updated: 2024-08-03T18:30:23.053Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1351 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDI3HCTCACMIC7I4ILB3NRU6DCMADI5H/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTIAMP7QJDKV4ADDLR4GVVX2TXYLHVOZ/ https://lists.debian.org/debian-lts-announce/2021/12/msg00002.html https://www.debian.org/security/2022/dsa-5077	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-21899`	vulnerable	2026-06-08 05:29:13.384626	Details available HIGH (8.8) A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Published: 2021-11-19T00:00:00.000Z Updated: 2024-08-03T18:30:22.887Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1350 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDI3HCTCACMIC7I4ILB3NRU6DCMADI5H/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTIAMP7QJDKV4ADDLR4GVVX2TXYLHVOZ/ https://lists.debian.org/debian-lts-announce/2021/12/msg00002.html https://www.debian.org/security/2022/dsa-5077	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-21898`	vulnerable	2026-06-08 05:29:13.382975	Details available HIGH (8.8) A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. Published: 2021-11-19T00:00:00.000Z Updated: 2024-08-03T18:30:22.906Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1349 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDI3HCTCACMIC7I4ILB3NRU6DCMADI5H/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTIAMP7QJDKV4ADDLR4GVVX2TXYLHVOZ/ https://lists.debian.org/debian-lts-announce/2021/12/msg00002.html https://www.debian.org/security/2022/dsa-5077	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.