---

CVE-2020-28600 - log back

CVE-2020-28600 edited at 10 May 2021 22:09:11
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
References	+ https://talosintelligence.com/vulnerability_reports/TALOS-2020-1224 + https://github.com/openscad/openscad/pull/3611 + https://github.com/openscad/openscad/commit/07ea60f82e94a155f4926f17fad8e8366bc74874

CVE-2020-28600 created at 10 May 2021 22:07:48
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes