A vulnerbiility was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import().

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Openscad
  • Openscad

Configuration 1 [-]

cpe:2.3:a:openscad:openscad:*:*:*:*:*:*:*:*

No data.

References
Link Providers
https://bugzilla.redhat.com/show_bug.cgi?id=2050695 cve-icon cve-icon
https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41 cve-icon cve-icon
https://github.com/openscad/openscad/commit/770e3234cbfe66edbc0333f796b46d36a74aa652 cve-icon cve-icon
https://github.com/openscad/openscad/issues/4037 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-08-29T14:03:04

Updated: 2024-08-02T23:32:46.180Z

Reserved: 2022-02-04T00:00:00

Link: CVE-2022-0496

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-08-29T15:15:09.597

Modified: 2024-11-21T06:38:46.770

Link: CVE-2022-0496

cve-icon Redhat

No data.