Vulnerabilities > Prusa3D

DATE CVE VULNERABILITY TITLE RISK
2022-06-06 CVE-2022-27438 Download of Code Without Integrity Check vulnerability in multiple products
Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function.
8.1
2021-08-17 CVE-2020-28594 Use After Free vulnerability in Prusa3D Prusaslicer 2.2.0
A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856).
local
low complexity
prusa3d CWE-416
7.8
2021-07-08 CVE-2020-28598 Out-of-bounds Write vulnerability in Prusa3D Prusaslicer 2.2.0
An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856).
local
low complexity
prusa3d CWE-787
7.8
2021-02-10 CVE-2020-28596 Out-of-bounds Write vulnerability in Prusa3D Prusaslicer 2.2.0
A stack-based buffer overflow vulnerability exists in the Objparser::objparse() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856).
local
low complexity
prusa3d CWE-787
7.8
2021-02-10 CVE-2020-28595 Out-of-bounds Write vulnerability in Prusa3D Prusaslicer 2.2.0
An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856).
local
low complexity
prusa3d CWE-787
7.8