6 matches found
CVE-2026-42480
CVE-2026-42480 is a stack-based out-of-bounds read in Open CASCADE Technology (OCCT) VRML parser: VrmlData_Scene::ReadLine. The quoted-string escape handler uses ptr[++anOffset] without proper bounds checking, enabling denial-of-service via a crafted VRML file. Affected component is OCCT v8_0_0_r...
CVE-2026-42481
The CVE-2026-42481 entry concerns Open CASCADE Technology (OCCT) in the V8_0_0_rc5 release. The affected components are the IGES and STEP file parsers. Documented issues include an out-of-bounds read in Geom2d_BSplineCurve::EvalD0 during IGES B-spline curve evaluation, another out-of-bounds read ...
CVE-2026-42477
The CVE describes a heap-based out-of-bounds read in Open CASCADE Technology (OCCT) v8_0_0_rc5 within the OBJ file parser. The vulnerability affects RWObj_Reader::read, caused by Standard_ReadLineBuffer::ReadLine() returning a 1-byte buffer for minimal OBJ lines and RWObj_Reader::read() calling p...
CVE-2026-42478
CVE-2026-42478 affects OCCT (Open CASCADE Technology) at V8_0_0_rc5, specifically VrmlData_IndexedFaceSet::TShape. A crafted VRML file can trigger a dereference of a corrupt or unvalidated pointer during shape construction in libTKDEVRML.so, allowing a denial-of-service. Documented impact: high s...
CVE-2026-42479
CVE-2026-42479 affects Open CASCADE Technology (OCCT) version V8_0_0_rc5. The VrmlData_IndexedLineSet::TShape in the VRML parser uses coordIndex values from input as direct array indices without validating against the coordinate array size during geometry processing, leading to an out-of-bounds r...
CVE-2026-42476
Two heap-based out-of-bounds read vulnerabilities affect Open CASCADE Technology (OCCT) V8_0_0_rc5 in the STL ASCII file parser (RWStl_Reader::ReadAscii). In CTL: buffers returned by Standard_ReadLineBuffer::ReadLine() are not properly length-validated before strncasecmp or direct byte access, en...