Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-28594

Опубликовано: 17 авг. 2021
Источник: debian
EPSS Низкий

Описание

A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
slic3r-prusaunfixedpackage
slic3r-prusapostponedtrixiepackage
slic3r-prusapostponedbookwormpackage
slic3r-prusano-dsabullseyepackage

Примечания

  • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1218

EPSS

Процентиль: 77%
0.01074
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-28594

CVSS3: 7.8
ubuntu
почти 4 года назад

A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

nvd логотип

CVE-2020-28594

CVSS3: 7.8
nvd
почти 4 года назад

A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

github логотип

GHSA-22g3-xr7w-8vqq

CVSS3: 7.8
github
около 3 лет назад

A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

EPSS

Процентиль: 77%
0.01074
Низкий