Admesh Project: >> Admesh >> 0.98.4 Security Vulnerabilities
An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-04-03
ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a.
CVSS Score
8.1
EPSS Score
0.005
Published
2022-05-08