Vulnerabilities > CVE-2020-35634

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

cgal

debian

NVD

Published: 2021-08-30

Updated: 2024-11-21

Summary

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Sloop_of. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Cgal Cgal Computational Geometry Algorithms Library 5.1.1	1
OS	Debian Debian Debian Linux 10.0	1

References

https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html
https://security.gentoo.org/glsa/202305-34
https://security.gentoo.org/glsa/202305-34
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225

Vulnerabilities > CVE-2020-35634 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-35634"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-35634