Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-28599 | 2 Fedoraproject, Openscad | 2 Fedora, Openscad | 2022-10-06 | 6.8 MEDIUM | 7.8 HIGH |
A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2022-0497 | 1 Openscad | 1 Openscad | 2022-09-01 | N/A | 7.1 HIGH |
A vulnerbiility was found in Openscad, where a .scad file with no trailing newline could cause an out-of-bounds read during parsing of annotations. | |||||
CVE-2022-0496 | 1 Openscad | 1 Openscad | 2022-09-01 | N/A | 5.5 MEDIUM |
A vulnerbiility was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import(). | |||||
CVE-2020-28600 | 1 Openscad | 1 Openscad | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. |