MGASA-2022-0148 Updated openscad packages fix security vulnerability

Out-of-bounds memory access in DXF loader. CVE-2022-0496 Out-of-bounds memory access in comment parser. CVE-2022-0497...

Updated openscad packages fix security vulnerability

Out-of-bounds memory access in DXF loader. CVE-2022-0496 Out-of-bounds memory access in comment parser. CVE-2022-0497...

Fedora: Security Advisory for openscad (FEDORA-2022-3012e64f8c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for openscad (FEDORA-2022-1961907229)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: openscad-2021.01-8.fc35

OpenSCAD is a software for creating solid 3D CAD objects. Unlike most free software for creating 3D models such as the famous application Blender it does not focus on the artistic aspects of 3D modeling but instead on the CAD aspects. Thus it might be the application you are looking for when you...

[SECURITY] Fedora 34 Update: openscad-2021.01-8.fc34

OpenSCAD is a software for creating solid 3D CAD objects. Unlike most free software for creating 3D models such as the famous application Blender it does not focus on the artistic aspects of 3D modeling but instead on the CAD aspects. Thus it might be the application you are looking for when you...

Out-of-Bounds Access

openscad is vulnerable to out-of-bounds access. The vulnerability exists in ADDLINE function in dxfdata.cc due to missing validations in DXF import which allows an attacker to cause an out of bound writes...

Mageia: Security Advisory (MGASA-2021-0368)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2021-0239)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2021-0157)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-202107-35 : OpenSCAD: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-202107-35 OpenSCAD: Buffer overflow A buffer overflow exists in OpenSCAD when parsing STL files. Impact : A remote attacker could entice a user to open a specially crafted STL file using OpenSCAD, possibly resulting in execution o...

The vulnerability of the function import_stl() in the import_stl.cc component of the OpenSCAD automated design system, related to writing outside the buffer boundaries, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the importstl function in the importstl.cc component of the OpenSCAD automated design system is related to writing outside the buffer boundaries. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even caus...

Denial Of Service (DoS)

An out-of-bounds write vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

OPENSUSE-SU-2021:1158-1 Security update for openscad

This update for openscad fixes the following issues: - CVE-2020-28600: A specially crafted STL file could lead to code execution via out-of-bounds write in importstl.cc:importstl bsc1185975 This update was imported from the openSUSE:Leap:15.2:Update update project...

Security update for openscad (moderate)

openSUSE Security Update: Security update for openscad Announcement ID: openSUSE-SU-2021:1158-1 Rating: moderate References: 1185975 Cross-References: CVE-2020-28600 CVSS scores: CVE-2020-28600 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP2...

Updated lib3mf packages fix security vulnerability

A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability CVE-2021-21772. A new package 'act' is...

OpenSCAD: Buffer overflow

Background OpenSCAD is the programmer’s solid 3D CAD modeller. Description A buffer overflow exists in OpenSCAD when parsing STL files. Impact A remote attacker could entice a user to open a specially crafted STL file using OpenSCAD, possibly resulting in execution of arbitrary code with the...

openSUSE: Security Advisory for openscad (openSUSE-SU-2021:1024-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE 15 Security Update : openscad (openSUSE-SU-2021:1024-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1024-1 advisory. - An out-of-bounds write vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL...

OPENSUSE-SU-2021:1024-1 Security update for openscad

This update for openscad fixes the following issues: - CVE-2020-28600: A specially crafted STL file could lead to code execution via out-of-bounds write in importstl.cc:importstl bsc1185975...