CVE-2020-28595 log
| Source |
|
| Severity | Medium |
| Remote | No |
| Type | Arbitrary code execution |
| Description | An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer before version 2.3.0. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1566 | prusa-slicer | 2.2.0-11 | 2.3.0-1 | Medium | Fixed |
| References |
|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1219 https://github.com/prusa3d/PrusaSlicer/commit/ba9a9b4e7ac8863f52923a90a9290a8ab0660e89 |