Vulnerabilities > Freecadweb
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-25 | CVE-2021-45844 | OS Command Injection vulnerability in multiple products Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. | 7.8 |
2022-01-25 | CVE-2021-45845 | OS Command Injection vulnerability in multiple products The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document. | 7.8 |