AVG-2142 log

Package	prusa-slicer
Status	Vulnerable
Severity	Medium
Type	arbitrary code execution
Affected	2.3.3-3
Fixed	Unknown
Current	2.7.4-1 [extra]
Ticket	Create
Created	Thu Jul 8 15:01:46 2021

Issue	Severity	Remote	Type	Description
CVE-2020-28598	Medium	No	Arbitrary code execution	An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit...
CVE-2020-28594	Medium	Yes	Arbitrary code execution	A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit...

Issue

Severity

Remote

Type

Description

CVE-2020-28598

Medium

Arbitrary code execution

An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit...

CVE-2020-28594

Medium

Yes

Arbitrary code execution

A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit...