3 matches found
Debian DSA-5229-1 : freecad - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5229 advisory. - Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. CVE-2021-45844 ...
CVE-2021-45845
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document...
CVE-2021-45845
CVE-2021-45845 affects FreeCAD 0.19. The Path Sanity Check script is vulnerable to OS command injection via a crafted FCStd document, allowing arbitrary commands to be executed. The issue is tracked across multiple feeds (OSV, NVD) with CVSS scores: CVSS v3.1: 7.8 (HIGH), LOCAL exploit with UI re...