GCVE - cpe:2.3:a:n/a:openscad:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:openscad:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Openscad (`d2450814-2ff8-58d5-b411-3bd35a32cd75`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-0497`	vulnerable	2026-06-08 05:39:10.159206	Details available A vulnerbiility was found in Openscad, where a .scad file with no trailing newline could cause an out-of-bounds read during parsing of annotations. Published: 2022-08-29T14:03:04.000Z Updated: 2024-08-02T23:32:46.137Z Open on db.gcve.eu Reference links https://github.com/openscad/openscad/issues/4043 https://bugzilla.redhat.com/show_bug.cgi?id=2050699 https://github.com/openscad/openscad/pull/4044	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-0496`	vulnerable	2026-06-08 05:39:10.158143	Details available A vulnerbiility was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import(). Published: 2022-08-29T14:03:04.000Z Updated: 2024-08-02T23:32:46.180Z Open on db.gcve.eu Reference links https://github.com/openscad/openscad/issues/4037 https://bugzilla.redhat.com/show_bug.cgi?id=2050695 https://github.com/openscad/openscad/commit/770e3234cbfe66edbc0333f796b46d36a74aa652 https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-28600`	vulnerable	2026-06-08 05:23:56.248803	Details available HIGH (8.8) An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Published: 2021-05-10T19:18:39.000Z Updated: 2024-08-04T16:40:59.592Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1224	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-28599`	vulnerable	2026-06-08 05:23:56.247322	Details available HIGH (8.8) A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Published: 2021-02-24T15:58:26.000Z Updated: 2024-08-04T16:40:59.678Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1223 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRHYUWXQ7QQIC6TXDYYLYFFF7B7L3EBD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFXQZK6BAYARVVWBBXDKPVPN3N77PPDX/ https://security.gentoo.org/glsa/202107-35 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1224	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.