High severity8.8NVD Advisory· Published Apr 18, 2022· Updated Jun 17, 2026
CVE-2020-28604
CVE-2020-28604
Description
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_hedge() e->set_next().
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CGAL Project/libcgalv5Range: CGAL-5.1.1
Patches
Vulnerability mechanics
References
3- talosintelligence.com/vulnerability_reports/TALOS-2020-1225nvdExploitThird Party Advisory
- lists.debian.org/debian-lts-announce/2022/12/msg00011.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/202305-34nvd
News mentions
0No linked articles in our index yet.