Vulnerability Details : CVE-2021-44961
Potential exploit
A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. Specially crafted stl files can exhaust available memory. An attacker can provide malicious files to trigger this vulnerability.
Products affected by CVE-2021-44961
- cpe:2.3:a:slic3r:libslic3r:1.3.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-44961
0.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 38 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-44961
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2021-44961
-
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-44961
-
https://hackmd.io/nDT_UKLyRQendxDwil9A4w
Slic3r libslic3r PerimeterGenerator Memory Leakage Vulnerability - HackMDExploit;Third Party Advisory
Jump to