A remote code execution vulnerability exists when parsing certain types of graphics files. This vulnerability only exists on systems running on MacOS or Linux. This CVE ID is unique from CVE-2021-26701.

Affected Packages

NuGet System.Drawing.Common

Affected versions: 4.0.0 (fixed in 4.7.2)

NuGet System.Drawing.Common

Affected versions: 5.0.0 (fixed in 5.0.3)

Related CVEs

CVE-2021-24112

Key Information

GHSA ID

GHSA-rxg9-xrhp-64gj

Published

May 24, 2022 5:43 PM

Last Modified

October 25, 2022 5:35 PM

CVSS Score

9.0 /10

Primary Ecosystem

NuGet

Primary Package

System.Drawing.Common

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 27, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.