Gentoo update for CGAL
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 44 |
| CVE-ID | CVE-2020-28601 CVE-2020-28602 CVE-2020-28603 CVE-2020-28604 CVE-2020-28605 CVE-2020-28606 CVE-2020-28607 CVE-2020-28608 CVE-2020-28610 CVE-2020-28611 CVE-2020-28612 CVE-2020-28613 CVE-2020-28614 CVE-2020-28615 CVE-2020-28616 CVE-2020-28617 CVE-2020-28618 CVE-2020-28619 CVE-2020-28620 CVE-2020-28621 CVE-2020-28622 CVE-2020-28623 CVE-2020-28624 CVE-2020-28625 CVE-2020-28626 CVE-2020-28627 CVE-2020-28628 CVE-2020-28629 CVE-2020-28630 CVE-2020-28631 CVE-2020-28632 CVE-2020-28633 CVE-2020-28634 CVE-2020-28635 CVE-2020-28636 CVE-2020-35628 CVE-2020-35629 CVE-2020-35630 CVE-2020-35631 CVE-2020-35632 CVE-2020-35633 CVE-2020-35634 CVE-2020-35635 CVE-2020-35636 |
| CWE-ID | CWE-125 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Gentoo Linux Operating systems & Components / Operating system sci-mathematics/cgal Operating systems & Components / Operating system package or component |
| Vendor | Gentoo |
Security Bulletin
This security bulletin contains information about 44 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU51056
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28601
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[]. A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
2) Out-of-bounds read
EUVDB-ID: #VU51058
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28602
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Halfedge_of[]. A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
3) Out-of-bounds read
EUVDB-ID: #VU51060
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28603
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_2/PM_io_parser.h PM_io_parser::read_hedge() e->set_prev(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
4) Out-of-bounds read
EUVDB-ID: #VU51061
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28604
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_2/PM_io_parser.h PM_io_parser::read_hedge() e->set_next(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
5) Out-of-bounds read
EUVDB-ID: #VU51062
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28605
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_2/PM_io_parser.h PM_io_parser::read_hedge() e->set_vertex(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
6) Out-of-bounds read
EUVDB-ID: #VU51063
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28606
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_2/PM_io_parser.h PM_io_parser::read_hedge() e->set_face(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
7) Out-of-bounds read
EUVDB-ID: #VU51064
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28607
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_2/PM_io_parser.h PM_io_parser::read_face() set_halfedge(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
8) Out-of-bounds read
EUVDB-ID: #VU51065
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28608
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_2/PM_io_parser.h PM_io_parser::read_face() store_fc(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
9) Out-of-bounds read
EUVDB-ID: #VU51067
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28610
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SM_io_parser.h SM_io_parser::read_vertex() set_face(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
10) Out-of-bounds read
EUVDB-ID: #VU51068
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28611
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SM_io_parser.h SM_io_parser::read_vertex() set_first_out_edge(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
11) Out-of-bounds read
EUVDB-ID: #VU51069
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28612
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_vertex() vh->svertices_begin(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
12) Out-of-bounds read
EUVDB-ID: #VU51070
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28613
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_vertex() vh->svertices_last(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
13) Out-of-bounds read
EUVDB-ID: #VU51071
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28614
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_vertex() vh->shalfedges_begin(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
14) Out-of-bounds read
EUVDB-ID: #VU51072
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28615
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_vertex() vh->shalfedges_last(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
15) Out-of-bounds read
EUVDB-ID: #VU51073
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28616
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_vertex() vh->sfaces_begin(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
16) Out-of-bounds read
EUVDB-ID: #VU51074
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28617
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_vertex() vh->sfaces_last(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
17) Out-of-bounds read
EUVDB-ID: #VU51075
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28618
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_vertex() vh->shalfloop(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
18) Out-of-bounds read
EUVDB-ID: #VU51076
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28619
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_edge() eh->twin(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
19) Out-of-bounds read
EUVDB-ID: #VU51077
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28620
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_edge() eh->center_vertex(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
20) Out-of-bounds read
EUVDB-ID: #VU51078
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28621
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_edge() eh->out_sedge(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
21) Out-of-bounds read
EUVDB-ID: #VU51079
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28622
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_edge() eh->incident_sface(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
22) Out-of-bounds read
EUVDB-ID: #VU51080
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28623
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_facet() fh->twin(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
23) Out-of-bounds read
EUVDB-ID: #VU51081
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28624
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_facet() fh->boundary_entry_objects SEdge_of. A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
24) Out-of-bounds read
EUVDB-ID: #VU51082
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28625
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_facet() fh->boundary_entry_objects SLoop_of. A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
25) Out-of-bounds read
EUVDB-ID: #VU51083
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28626
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_facet() fh->incident_volume(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
26) Out-of-bounds read
EUVDB-ID: #VU51084
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28627
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_volume() ch->shell_entry_objects(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
27) Out-of-bounds read
EUVDB-ID: #VU51085
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28628
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_volume() seh->twin(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
28) Out-of-bounds read
EUVDB-ID: #VU51086
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28629
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->sprev(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
29) Out-of-bounds read
EUVDB-ID: #VU51087
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28630
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->snext(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
30) Out-of-bounds read
EUVDB-ID: #VU51088
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28631
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->source(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
31) Out-of-bounds read
EUVDB-ID: #VU51089
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28632
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->incident_sface(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
32) Out-of-bounds read
EUVDB-ID: #VU51090
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28633
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->prev(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
33) Out-of-bounds read
EUVDB-ID: #VU51091
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28634
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->next(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
34) Out-of-bounds read
EUVDB-ID: #VU51092
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28635
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->facet(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
35) Out-of-bounds read
EUVDB-ID: #VU51093
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-28636
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
36) Out-of-bounds read
EUVDB-ID: #VU51094
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35628
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
37) Out-of-bounds read
EUVDB-ID: #VU51095
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35629
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->facet(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
38) Out-of-bounds read
EUVDB-ID: #VU51096
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35630
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->center_vertex(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
39) Out-of-bounds read
EUVDB-ID: #VU51097
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35631
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() SD.link_as_face_cycle(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
40) Out-of-bounds read
EUVDB-ID: #VU51098
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35632
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->boundary_entry_objects Edge_of. A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
41) Out-of-bounds read
EUVDB-ID: #VU51099
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35633
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Edge_of. A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
42) Out-of-bounds read
EUVDB-ID: #VU51100
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35634
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->boundary_entry_objects Sloop_of. A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
43) Out-of-bounds read
EUVDB-ID: #VU51101
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35635
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of. A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
44) Out-of-bounds read
EUVDB-ID: #VU51102
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-35636
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume(). A remote attacker can use a specially crafted file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
sci-mathematics/cgal to version: 5.4.1
Gentoo Linux: All versions
sci-mathematics/cgal: before 5.4.1
Fixed software versionsCPE2.3 External links
http://security.gentoo.org/glsa/202305-34
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
