High severity8.8NVD Advisory· Published Apr 18, 2022· Updated Jun 17, 2026
CVE-2020-28617
CVE-2020-28617
Description
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_vertex() vh->sfaces_last().
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CGAL Project/libcgalv5Range: CGAL-5.1.1
Patches
Vulnerability mechanics
References
3- talosintelligence.com/vulnerability_reports/TALOS-2020-1225nvdExploitThird Party Advisory
- lists.debian.org/debian-lts-announce/2022/12/msg00011.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/202305-34nvdThird Party Advisory
News mentions
0No linked articles in our index yet.