CVE-2022-36788

Summary

A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially-crafted STL file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Slic3rlibslic3r1.3.0affected
Slic3rlibslic3rMaster Commit b1a5500affected

Weaknesses

  • CWE-130: CWE-130: Improper Handling of Length Parameter Inconsistency

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References