RSS   Vulnerabilities for 'Freecad'   RSS

2022-01-25
 
CVE-2021-45844

CWE-78
 

 
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.

 
 
CVE-2021-45845

CWE-78
 

 
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.

 


Copyright 2024, cxsecurity.com

 

Back to Top