CVE-2020-35631 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An out of bounds read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() SD.link_as_face_cycle(). An attacker can provide malicious input to trigger this vulnerability.
Group Package Affected Fixed Severity Status Ticket
AVG-1643 cgal 4.14.3-2 5.4-1 Medium Fixed FS#70043
References
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225