Lucene search
+L
Gerbv ProjectGerbv

8 matches found

CVE
CVE
added 2023/08/24 10:51 p.m.134 views

CVE-2023-4508

CVE-2023-4508 affects Gerbv versions 2.4.0–2.10.0, with out-of-bounds memory access when parsing RS-274X files, causing a crash and potential denial-of-service. Connected advisories confirm the issue across distributions (Debian/Ubuntu/OpenSUSE) and indicate fixed versions in respective releases;...

5.5CVSS5.5AI score0.00308EPSS
CVE
CVE
added 2022/02/04 12:0 a.m.108 views

CVE-2021-40401

CVE-2021-40401 affects Gerbv (RS-274X aperture definition tokenization) with a use-after-free in 2.7.0 (and forks) that an attacker can trigger via a crafted Gerber file to achieve code execution. Connected advisories confirm additional related CVEs (CVE-2021-40403 etc.) and describe the same fam...

10CVSS8AI score0.01324EPSS
CVE
CVE
added 2021/12/22 12:0 a.m.88 views

CVE-2021-40394

Gerbv versions 2.7.0 and its development forks are affected by CVE-2021-40394 due to an out-of-bounds write in RS-274X aperture macro variables handling and an integer overflow in the outline primitive. A specially crafted Gerber file could lead to code execution. Debian’s DLA-3593-1 (and related...

10CVSS9.4AI score0.02916EPSS
CVE
CVE
added 2021/12/22 12:0 a.m.85 views

CVE-2021-40393

CVE-2021-40393 is an out-of-bounds write in Gerbv’s RS-274X aperture macro variables handling, affecting Gerbv 2.7.0 (and dev) and forked versions. A crafted Gerber file can lead to code execution. The issue is documented across multiple advisories (e.g., Debian DLA-3593-1, Ubuntu USN-6209-1, Fed...

10CVSS9.4AI score0.03064EPSS
CVE
CVE
added 2022/02/04 12:0 a.m.84 views

CVE-2021-40403

CVE-2021-40403 affects Gerbv: pick-and-place rotation parsing in Gerbv 2.7.0 and development fork (and 2.8.0 fork) allows memory contents disclosure due to missing initialization of a structure. A crafted Gerber file can trigger the leak. Debian/Ubuntu advisories indicate fixed packages (e.g., 2....

6.3CVSS5.7AI score0.01084EPSS
CVE
CVE
added 2021/11/19 6:53 p.m.75 views

CVE-2021-40391

Gerbv 2.7.0, dev (commit b5f1eacd) and forks are affected by an out-of-bounds write in the drill format T-code tool number functionality, enabling code execution via a crafted drill file. Connected notes (e.g., Mageia MGASA-2022-0260 and related advisories) confirm this CVE-2021-40391 issue and d...

10CVSS9.4AI score0.02894EPSS
CVE
CVE
added 2022/04/14 7:56 p.m.65 views

CVE-2021-40400

CVE-2021-40400 is an out-of-bounds read vulnerability in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and its fork. A specially crafted Gerber file can trigger information disclosure. The attack vector involves providing a malicious Gerber fi...

9.3CVSS7AI score0.01268EPSS
CVE
CVE
added 2022/04/14 7:56 p.m.53 views

CVE-2021-40402

CVE-2021-40402 concerns Gerbv and its derivatives, where an out-of-bounds read in the RS-274X aperture macro multi-outline primitives can disclose information when processing a crafted Gerber/file input. Connected sources document affected versions and scope, including Gerbv, its forks, and relat...

9.3CVSS7.2AI score0.01304EPSS