彙總 openscad 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 緩衝區溢位與記憶體損壞,在 軟體部署與生產負載 使用場景中可能帶來 應用程式崩潰與記憶體損壞 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2022-0497 | A vulnerbiility was found in Openscad, where a .scad file with no trailing newline could cause an out-of-bounds read during parsing of annotations. | [email protected] | 7.1 | 0.41% | 2022-08-29 | 2026-06-17 |
| CVE-2022-0496 | A vulnerbiility was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import(). | [email protected] | 5.5 | 0.44% | 2022-08-29 | 2026-06-17 |
| CVE-2020-28600 | An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 1.27% | 2021-05-10 | 2026-06-16 |
| CVE-2020-28599 | A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 1.96% | 2021-02-24 | 2026-06-16 |