CVE-2020-28594

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-28594

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-28594.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-28594

Related

UBUNTU-CVE-2020-28594

Published

2021-08-17T20:15:07Z

Modified

2024-10-12T06:28:51.639167Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A use-after-free vulnerability exists in the 3MFImporter::handleend_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

References

Affected packages

Debian:11 / slic3r-prusa

Package

Name: slic3r-prusa
Purl: pkg:deb/debian/slic3r-prusa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.0+dfsg-1

2.3.1+dfsg-1

2.3.2+dfsg-1

2.3.3+dfsg-1

2.3.3+dfsg-2

2.4.0+dfsg-1

2.4.0+dfsg-2

2.4.1+dfsg-1

2.4.2~rc1+dfsg-1

2.4.2~rc2+dfsg-1

2.4.2+dfsg-1

2.5.0+dfsg-1

2.5.0+dfsg-2

2.5.0+dfsg-3

2.5.0+dfsg-4

2.5.2+dfsg-1

2.6.0+dfsg-1

2.6.0+dfsg-2

2.6.0+dfsg-3

2.6.1+dfsg-1

2.6.1+dfsg-2

2.6.1+dfsg-3

2.6.1+dfsg-4

2.6.1+dfsg-4.1

2.7.1+dfsg-1

2.7.2+dfsg-1

2.7.4+dfsg-1

2.7.4+dfsg-1.1

2.7.5~rc1+dfsg-1

2.8.0+dfsg-1

2.8.1+dfsg2-1

2.8.1+dfsg2-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / slic3r-prusa

Package

Name: slic3r-prusa
Purl: pkg:deb/debian/slic3r-prusa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.5.0+dfsg-4

2.5.2+dfsg-1

2.6.0+dfsg-1

2.6.0+dfsg-2

2.6.0+dfsg-3

2.6.1+dfsg-1

2.6.1+dfsg-2

2.6.1+dfsg-3

2.6.1+dfsg-4

2.6.1+dfsg-4.1

2.7.1+dfsg-1

2.7.2+dfsg-1

2.7.4+dfsg-1

2.7.4+dfsg-1.1

2.7.5~rc1+dfsg-1

2.8.0+dfsg-1

2.8.1+dfsg2-1

2.8.1+dfsg2-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/prusa3d/prusaslicer

Affected ranges

Type: GIT
Repo: https://github.com/prusa3d/prusaslicer
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d5bcddeed333e6be567de517bc22c69fc5559b7e

Affected versions

0.*

0.5.0

0.5.1

0.5.2

0.5.3

0.5.4

0.5.5

0.5.5a

0.5.5b

0.5.6

0.5.7

0.6.0

0.7.0

0.7.1

0.7.2b

0.8.0

0.8.1

0.8.2

0.8.3

0.8.4

0.9.0

0.9.1

0.9.10

0.9.2

0.9.3

0.9.4

0.9.5

0.9.7

0.9.8

0.9.9

1.*

1.0.0

1.0.0RC1

1.0.0RC2

1.0.0RC3

1.0.1

1.1.0

1.1.1

1.1.2

1.1.3

1.1.4

1.2.0

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

Other

before_parallel_arrange

delete

feature_slice_to_png_stable

untagged-2b7490fa646089912913

for_change_log_1.*

for_change_log_1.40.0-alpha1

version_1.*

version_1.2.31a

version_1.30.0

version_1.31.0

version_1.31.1

version_1.31.2

version_1.31.3

version_1.31.4

version_1.31.5

version_1.31.6

version_1.33.0

version_1.33.1

version_1.33.2

version_1.33.3

version_1.33.4

version_1.33.5

version_1.33.6

version_1.33.7

version_1.33.8

version_1.34.0

version_1.34.1

version_1.34.1.24

version_1.35.0

version_1.35.1

version_1.35.2

version_1.35.3

version_1.35.4

version_1.35.5

version_1.36.0

version_1.36.1

version_1.37.0

version_1.37.1

version_1.38.0

version_1.38.1

version_1.38.2

version_1.38.3

version_1.38.4

version_1.38.5

version_1.38.6

version_1.39.0

version_1.39.1-alpha

version_1.39.1-beta

version_1.40.0

version_1.40.0-alpha

version_1.40.0-alpha1

version_1.40.0-alpha2

version_1.40.0-beta

version_1.40.0-rc

version_1.40.1

version_1.40.1-alpha

version_1.40.1-beta

version_1.40.1-rc

version_1.40.1-rc2

version_1.41.0

version_1.41.0-alpha

version_1.41.0-alpha1

version_1.41.0-alpha2

version_1.41.0-alpha3

version_1.41.0-beta

version_1.41.0-beta2

version_1.41.0-rc

version_1.41.1

version_1.41.1-beta

version_1.41.1-rc

version_1.41.2-beta

version_1.41.2-rc

version_1.42.0-alpha

version_1.42.0-alpha1

version_1.42.0-alpha2

version_1.42.0-alpha3

version_1.42.0-alpha4

version_1.42.0-alpha5

version_1.42.0-alpha6

version_1.42.0-alpha7

version_1.42.0-beta

version_1.42.0-beta1

version_1.42.0-beta2

version_1.44.0-alpha4

version_2.*

version_2.0.0

version_2.0.0-rc

version_2.0.0-rc2

version_2.1.0

version_2.1.0-alpha0

version_2.1.0-alpha1

version_2.1.0-beta

version_2.1.0-beta2

version_2.1.0-beta3

version_2.1.0-rc

version_2.1.0-rc2

version_2.2.0

version_2.2.0-alpha0

version_2.2.0-alpha1

version_2.2.0-alpha2

version_2.2.0-alpha3

version_2.2.0-alpha4

version_2.2.0-beta

version_2.2.0-rc

version_2.2.0-rc2

version_2.2.0-rc3

version_2.2.0-rc4

version_2.2.0-rc5