CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23947
https://notcve.org/view.php?id=CVE-2024-23947
28 May 2024 — Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the `igl::MshLoader::parse_nodes` function while handling a `binary` `.msh` file. Existen múltiples vulnerabilidades de validación de índice de matriz incorrecta en la funcionalidad readMSH de libigl v2.5.0. Un archivo .msh especialmente... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1926 • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24584
https://notcve.org/view.php?id=CVE-2024-24584
28 May 2024 — Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.This vulnerabilitty concerns the`readMSH` function while processing `MshLoader::ELEMENT_TET` elements. Existen múltiples vulnerabilidades de lectura fuera de los límites en la funcionalidad readMSH de libigl v2.5.0. Un archivo .msh especialmente manipulado puede provocar una lec... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-24684
https://notcve.org/view.php?id=CVE-2024-24684
28 May 2024 — Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the header parsing occuring while processing an `.off` file via the `readOFF` function. We can see above that at [0] a stack-based buffer called `comment` is defined with an hardcoded size of `1000 bytes`. The call to `fscanf` at [1] is... • https://github.com/SpiralBL0CK/CVE-2024-24684 • CWE-121: Stack-based Buffer Overflow •