https://bugzilla.redhat.com/show_bug.cgi?id=2046372
Bug ID: 2046372
Summary: CVE-2021-45847 slic3r: NULL pointer dereference in 3MF
XML via a crafted 3MF input file
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
CC: mhroncok(a)redhat.com,
perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Other
Several missing input validations in the 3MF parser component of Slic3r
libslic3r 1.3.0 can each allow an attacker to cause an application crash using
a crafted 3MF input file.
References:
https://github.com/slic3r/Slic3r/issues/5118
https://github.com/slic3r/Slic3r/issues/5119
https://github.com/slic3r/Slic3r/issues/5120
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2046372