cbcvebase.

Prusa3D Prusaslicer vulnerabilities

6 known vulnerabilities affecting prusa3d/prusaslicer.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2023-47268P3MEDIUMCVSS 5.3PoC≤ 2.6.12026-05-08
CVE-2023-47268 [MEDIUM] CWE-77 CVE-2023-47268: In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported.
nvd
CVE-2022-27438P3HIGHCVSS 8.1v2.4.22022-06-06
CVE-2022-27438 [HIGH] CWE-494 CVE-2022-27438: Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.
nvd
CVE-2020-28594P3HIGHCVSS 7.8v2.2.02021-08-17
CVE-2020-28594 [HIGH] CWE-416 CVE-2020-28594: A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Pru A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
nvd
CVE-2020-28595P3HIGHCVSS 7.8v2.2.02021-02-10
CVE-2020-28595 [HIGH] CWE-122 CVE-2020-28595: An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Researc An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
nvd
CVE-2020-28596P3HIGHCVSS 7.8v2.2.02021-02-10
CVE-2020-28596 [HIGH] CWE-787 CVE-2020-28596: A stack-based buffer overflow vulnerability exists in the Objparser::objparse() functionality of Pru A stack-based buffer overflow vulnerability exists in the Objparser::objparse() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
nvd
CVE-2020-28598P3HIGHCVSS 7.8v2.2.02021-07-08
CVE-2020-28598 [HIGH] CWE-122 CVE-2020-28598: An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
nvd
Prusa3D Prusaslicer vulnerabilities | cvebase