CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-36788
https://notcve.org/view.php?id=CVE-2022-36788
A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially-crafted STL file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1593 • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38072
https://notcve.org/view.php?id=CVE-2022-38072
An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. • https://github.com/admesh/admesh/commit/5fab257268a0ee6f832c18d72af89810a29fbd5f https://talosintelligence.com/vulnerability_reports/TALOS-2022-1594 • CWE-118: Incorrect Access of Indexable Resource ('Range Error') CWE-129: Improper Validation of Array Index •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44962
https://notcve.org/view.php?id=CVE-2021-44962
An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially crafted stl file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de lectura fuera de límites en la funcionalidad GCode::extrude() de Slic3r libslic3r versiones 1.3.0 y Master Commit b1a5500. Un archivo stl especialmente diseñado podría conllevar a una divulgación de información. • https://hackmd.io/KSI1bwGfSyO7T8UCf0HeTw https://slic3r.org • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44961
https://notcve.org/view.php?id=CVE-2021-44961
A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. Specially crafted stl files can exhaust available memory. An attacker can provide malicious files to trigger this vulnerability. Existe un fallo de fuga de memoria en la clase PerimeterGenerator de Slic3r libslic3r 1.3.0 y Master Commit b1a5500. Los archivos stl especialmente diseñados pueden agotar la memoria disponible. • http://libslic3r.com http://slic3r.com https://hackmd.io/nDT_UKLyRQendxDwil9A4w • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 1CVE-2020-28590
https://notcve.org/view.php?id=CVE-2020-28590
An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted obj file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de lectura fuera de límites en la funcionalidad TriangleMesh::TriangleMesh() del Archivo Obj de Slic3r libslic3r versión 1.3.0 y Master Commit versión 92abbc42. Un archivo obj especialmente diseñado podría conllevar a una divulgación de información. • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1213 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •