Vulnerabilities > CVE-2020-28601

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

cgal

fedoraproject

debian

critical

NVD

Published: 2021-03-04

Updated: 2024-11-21

Summary

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Cgal Cgal Computational Geometry Algorithms Library 5.1.1	1
OS	Fedoraproject Fedoraproject Fedora 33 Fedoraproject Fedora 34	2
OS	Debian Debian Debian Linux 9.0 Debian Debian Linux 10.0	2

References

https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html
https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html
https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/
https://security.gentoo.org/glsa/202305-34
https://security.gentoo.org/glsa/202305-34
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225

Vulnerabilities > CVE-2020-28601 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-28601"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-28601