MidnightBSD

Advisories for cgal

CVE-2020-28601 HIGH

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-129,CWE-125,

Products Affected

Vendor Product Version
fedoraproject fedora 34
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 9.0
fedoraproject fedora 33
debian debian_linux 10.0
CVE-2020-28602 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_vertex() Halfedge_of[].

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28603 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_prev().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28604 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_next().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28605 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_vertex().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28606 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_face().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28607 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() set_halfedge().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28608 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() store_fc().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28609 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() store_iv().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28610 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SM_io_parser.h SM_io_parser<Decorator_>::read_vertex() set_face().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28611 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SM_io_parser.h SM_io_parser<Decorator_>::read_vertex() set_first_out_edge().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28612 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->svertices_begin().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28613 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->svertices_last().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28614 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfedges_begin().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28615 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfedges_last().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28616 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->sfaces_begin().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28617 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->sfaces_last().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28618 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfloop().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28619 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->twin().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28620 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->center_vertex():.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28621 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->out_sedge().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28622 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->incident_sface().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28623 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->twin().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28624 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SEdge_of.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28625 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SLoop_of.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28626 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->incident_volume().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28627 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() ch->shell_entry_objects().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28628 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() seh->twin().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28629 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->sprev().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28630 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->snext().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28631 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->source().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28632 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->incident_sface().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28633 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->prev().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28634 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->next().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28635 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->facet().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-28636 HIGH

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-129,CWE-125,

Products Affected

Vendor Product Version
fedoraproject fedora 34
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 9.0
fedoraproject fedora 33
debian debian_linux 10.0
CVE-2020-35628 HIGH

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-129,CWE-125,

Products Affected

Vendor Product Version
fedoraproject fedora 34
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 9.0
fedoraproject fedora 33
debian debian_linux 10.0
CVE-2020-35629 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sloop() slh->facet().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-35630 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->center_vertex().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-35631 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() SD.link_as_face_cycle().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-35632 MEDIUM

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Edge_of.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-125,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-35633 MEDIUM

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() store_sm_boundary_item() Edge_of.A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-35634 MEDIUM

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Sloop_of. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-35635 MEDIUM

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,CWE-129,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0
CVE-2020-35636 HIGH

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-129,CWE-125,CWE-843,

Products Affected

Vendor Product Version
cgal computational_geometry_algorithms_library 5.1.1
debian debian_linux 10.0