Lucene search

PRIOn knowledge basePRION:CVE-2021-45844

HistoryJan 25, 2022 - 1:15 p.m.

Input validation

2022-01-2513:15:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.9%

Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.

CPENameOperatorVersion
debian_linuxeq9.0
debian_linuxeq10.0
debian_linuxeq11.0
freecadeq0.19

Name	Operator	Version
debian_linux	eq	9.0
debian_linux	eq	10.0
debian_linux	eq	11.0
freecad	eq	0.19

References

forum.freecadweb.org/viewtopic.php?t=64733

lists.debian.org/debian-lts-announce/2022/03/msg00004.html

lists.debian.org/debian-lts-announce/2022/08/msg00008.html

tracker.freecad.org/view.php?id=4809

www.debian.org/security/2022/dsa-5229