Vulnerabilities > Freecadweb

DATE CVE VULNERABILITY TITLE RISK
2022-01-25 CVE-2021-45844 OS Command Injection vulnerability in multiple products
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.
local
low complexity
freecadweb debian CWE-78
7.8
2022-01-25 CVE-2021-45845 OS Command Injection vulnerability in multiple products
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.
local
low complexity
freecadweb debian CWE-78
7.8