Lucene search
+L
OpenscadOpenscad

4 matches found

CVE
CVE
added 2021/02/24 3:58 p.m.777 views

CVE-2020-28599

OpenSCAD vulnerability CVE-2020-28599 exists in openscad-2020.12-RC2 due to a stack-based overflow in import_stl.cpp when parsing STL files; a crafted STL can lead to code execution. Publicly documented impact and patches indicate upgrading to OpenSCAD 2021.01 or newer (e.g., as per GLSA/Mageia a...

8.8CVSS7.6AI score0.01956EPSS
CVE
CVE
added 2021/05/10 7:18 p.m.177 views

CVE-2020-28600

The CVE-2020-28600 entry concerns OpenSCAD (openscad-2020.12-RC2) with an out-of-bounds write in import_stl():import_stl() that allows code execution via a specially crafted STL file. The vulnerability impacts the STL import path and is referenced in multiple advisories (openSUSE/OpenSCAD securit...

8.8CVSS7.6AI score0.01274EPSS
CVE
CVE
added 2022/08/29 2:3 p.m.80 views

CVE-2022-0496

CVE-2022-0496 is a vulnerability in OpenSCAD related to the DXF loader. ADXF-format drawing with certain (not necessarily malformed) properties may trigger an out-of-bounds memory access when imported via import(). The issue is tied to OpenSCAD’s DXF parsing path and has been addressed by fixes i...

5.5CVSS5.8AI score0.00441EPSS
CVE
CVE
added 2022/08/29 2:3 p.m.72 views

CVE-2022-0497

OpenSCAD is affected by CVE-2022-0497. The vulnerability is an out-of-bounds read during parsing of annotations in a .scad file that ends without a trailing newline. The root cause is in the comment/annotation parsing path. The CVSSv3.1 score is 7.1 (HIGH) with LOCAL attack vector, LOW attack com...

7.1CVSS6.6AI score0.00411EPSS