Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.

Related CVEs

CVE-2024-8894

Key Information

GHSA ID

GHSA-rxxc-45j4-gcc4

Published

December 4, 2024 12:31 PM

Last Modified

December 4, 2024 12:31 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 9, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.