CVE-2020-28596 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A stack-based buffer overflow vulnerability exists in the Objparser::objparse() functionality of Prusa Research PrusaSlicer before version 2.3.0. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
Group Package Affected Fixed Severity Status Ticket
AVG-1566 prusa-slicer 2.2.0-11 2.3.0-1 Medium Fixed
References
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1220
https://github.com/prusa3d/PrusaSlicer/commit/ba9a9b4e7ac8863f52923a90a9290a8ab0660e8