Slic3r Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability (TALOS-2020-1213, CVE-2020-28590)

Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability (TALOS-2020-1213, CVE-2020-28590)

Open carnil opened this issue 3 years ago • 4 comments

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1213 (CVE-2020-28590) refers to an issue in Slic3r.

Were you informed about it?

Is this issue open yet or can you point to the fixing commit?

Apr 15 '21 18:04 carnil

No, nobody has reported said issue (until now).

Apr 15 '21 19:04 lordofhyphens

@lordofhyphens ok then it was probably good to having reported it :)

Apr 16 '21 06:04 carnil

The TALOS advisory says "vendor disclosure" happened on 2020-12-21. Out of curiosity, did that not happen?

Aug 15 '22 04:08 ajakk

Related, there is as well https://talosintelligence.com/vulnerability_reports/TALOS-2022-1593

Apr 21 '23 04:04 carnil