MEDIUM🇵🇱 Wersja polska

CVE-2022-38072

CVSS 6.5v3.1pub. 2023-04-03upd. 2024-11-21

An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
  • Admesh Project Admesh

    APP
    Admesh Project
    0.98.42022-11-18
  • Slic3r Libslic3r

    APP
    Slic3R
    b1a5500
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2022-36788HIGH8.1ten sam produkt

A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r ...

CVE-2018-25033HIGH8.1ten sam produkt

ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remov...

CVE-2021-44961MEDIUM5.5ten sam produkt

A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a55...

CVE-2021-44962MEDIUM5.5ten sam produkt

An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and...

CVE-2020-28590MEDIUM6.5ten sam produkt

An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh() functionality of Slic3...