Vulnerability Details CVE-2022-0496
A vulnerbiility was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import().
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.7%
CVSS Severity
CVSS v3 Score 5.5
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2050695
- https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41
- https://github.com/openscad/openscad/commit/770e3234cbfe66edbc0333f796b46d36a74aa652
- https://github.com/openscad/openscad/issues/4037
- https://bugzilla.redhat.com/show_bug.cgi?id=2050695
- https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41
- https://github.com/openscad/openscad/commit/770e3234cbfe66edbc0333f796b46d36a74aa652
- https://github.com/openscad/openscad/issues/4037
Products affected by CVE-2022-0496
-
cpe:2.3:a:openscad:openscad:-
-
cpe:2.3:a:openscad:openscad:2011.12
-
cpe:2.3:a:openscad:openscad:2013.01
-
cpe:2.3:a:openscad:openscad:2013.06
-
cpe:2.3:a:openscad:openscad:2014.03
-
cpe:2.3:a:openscad:openscad:2015.03
-
cpe:2.3:a:openscad:openscad:2019.05
-
cpe:2.3:a:openscad:openscad:2020.12
-
cpe:2.3:a:openscad:openscad:2021.01
-
cpe:2.3:a:openscad:openscad:2022-01-09