Debian Slic3R vulnerabilities

CVE-2022-36788 [HIGH] CVE-2022-36788: slic3r - A heap-based buffer overflow vulnerability exists in the TriangleMesh clone func... A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially-crafted STL file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Scope: local bookworm: open bullseye: open

CVE-2021-44961 [MEDIUM] CVE-2021-44961: slic3r - A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r... A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. Specially crafted stl files can exhaust available memory. An attacker can provide malicious files to trigger this vulnerability. Scope: local bookworm: open bullseye: open

CVE-2021-45847 [MEDIUM] CVE-2021-45847: slic3r - Several missing input validations in the 3MF parser component of Slic3r libslic3... Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file. Scope: local bookworm: open bullseye: open

CVE-2021-44962 [MEDIUM] CVE-2021-44962: slic3r - An out-of-bounds read vulnerability exists in the GCode::extrude() functionality... An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially crafted stl file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. Scope: local bookworm: open bullseye: open

CVE-2021-45846 [MEDIUM] CVE-2021-45846: slic3r - A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause a... A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause an application crash using a crafted AMF document, where a metadata tag lacks a "type" attribute. Scope: local bookworm: open bullseye: open

CVE-2020-28590 [MEDIUM] CVE-2020-28590: slic3r - An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::Triangl... An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted obj file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. Scope: local bookworm: open bullseye: open

CVE-2020-28591 [MEDIUM] CVE-2020-28591: slic3r - An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::end... An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. Scope: local bookworm: resolved (fixed in 1.3.0+dfsg1-4) bullseye: resol