---

CVE-2020-28594 - log back

CVE-2020-28594 created at 23 Aug 2021 10:48:41
Severity	+ Medium
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
References	+ https://talosintelligence.com/vulnerability_reports/TALOS-2020-1218
Notes