AVG-1622 log
| Package | openscad |
| Status | Fixed |
| Severity | Medium |
| Type | arbitrary code execution |
| Affected | 2019.05-9 |
| Fixed | 2021.01-1 |
| Current | 2021.01-12 [extra] |
| Ticket | FS#70052 |
| Created | Wed Feb 24 17:59:46 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-28600 | Medium | No | Arbitrary code execution | An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file... |
| CVE-2020-28599 | Medium | No | Arbitrary code execution | A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL... |