CVE-2023-35952

Source
https://cve.org/CVERecord?id=CVE-2023-35952
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-35952.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-35952
Downstream
Published
2024-05-28T14:15:09.313Z
Modified
2026-03-11T15:17:14.991132Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
[none]
Details

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially crafted .off file can lead to a buffer overflow. An attacker can trigger these vulnerabilities to achieve arbitrary code execution. This vulnerability exists in the code that parses comments in the geometric faces section of an OFF file.

References

Affected packages

Git / github.com/libigl/libigl

Affected ranges

Type
GIT
Repo
https://github.com/libigl/libigl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.5.0"
        }
    ]
}

Affected versions

v1.*
v1.3.1
v1.3.2
v1.3.3
v2.*
v2.0.0
v2.1.0
v2.2.0
v2.3.0
v2.4.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-35952.json"