7.1

CVE-2022-0497

Exploit

A vulnerbiility was found in Openscad, where a .scad file with no trailing newline could cause an out-of-bounds read during parsing of annotations.

Data is provided by the National Vulnerability Database (NVD)
OpenscadOpenscad Version < 2022-01-09
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.11% 0.297
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://bugzilla.redhat.com/show_bug.cgi?id=2050699
Third Party Advisory
Issue Tracking
https://github.com/openscad/openscad/issues/4043
Patch
Third Party Advisory
Exploit
Issue Tracking