Lucene search
GoogleOSV:CVE-2020-28599HistoryFeb 24, 2021 - 4:15 p.m.
CVE-2020-28599
2021-02-2416:15:14
Google
osv.dev
4
buffer overflow
openscad
code execution
stl file
vulnerability
import_stl functionality
A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
References
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFXQZK6BAYARVVWBBXDKPVPN3N77PPDX/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRHYUWXQ7QQIC6TXDYYLYFFF7B7L3EBD/
security.gentoo.org/glsa/202107-35
talosintelligence.com/vulnerability_reports/TALOS-2020-1223
www.talosintelligence.com/vulnerability_reports/TALOS-2020-1224
Related
fedora
fedora
[SECURITY] Fedora 32 Update: openscad-2019.05-13.fc32
2021-03-05 19:23:55
[SECURITY] Fedora 33 Update: openscad-2019.05-13.fc33
2021-03-05 19:17:27
mageia
mageia
Updated openscad package fixes a security vulnerability
2021-03-27 17:27:02
debiancve
debiancve
CVE-2020-28599
2021-02-24 16:15:14
ubuntucve
ubuntucve
CVE-2020-28599
2021-02-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2021-02-26 01:47:03
openvas
openvas
Fedora: Security Advisory for openscad (FEDORA-2021-793da7882b)
2021-03-06 00:00:00
Fedora: Security Advisory for openscad (FEDORA-2021-8349f28cb9)
2021-03-06 00:00:00
Mageia: Security Advisory (MGASA-2021-0157)
2022-01-28 00:00:00
nessus
nessus
GLSA-202107-35 : OpenSCAD: Buffer overflow
2022-01-24 00:00:00
Fedora 32 : openscad (2021-793da7882b)
2021-03-08 00:00:00
Fedora 33 : openscad (2021-8349f28cb9)
2021-03-08 00:00:00
cvelist
cvelist
CVE-2020-28599
2021-02-24 15:58:26
prion
prion
Stack overflow
2021-02-24 16:15:00
gentoo
gentoo
OpenSCAD: Buffer overflow
2021-07-15 00:00:00
talos
talos
nvd
nvd
CVE-2020-28599
2021-02-24 16:15:14
cve
cve
CVE-2020-28599
2021-02-24 16:15:14