V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
← Back to List
Prusa3dApplicationnvd

Prusaslicer

Vulnerabilities
6
Known exploited
0
Max CVSS
8.1
Top EPSS
0.02383

Severity breakdown

Critical
0
High
5
Medium
1
Low
0

Affected version ranges

≤ 2.6.1
Also matched as (raw): take_command,direct_folders,vi_package_manager,displaylink_usb_graphics,boomtv_streamer_portal,teracopy,free_snipping_tool,prusaslicer,emeditor,flamory,burning_suite,plagiarism_checker_x

Top vulnerabilities

CVE-2022-27438Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.
CVE-2020-28598An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-28596A stack-based buffer overflow vulnerability exists in the Objparser::objparse() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-28595An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-28594A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2023-47268In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported.
View vendor →Open in catalog with product filter →