FreeCAD
by FreeCAD
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-45844 | Hig | 0.51 | 7.8 | 0.01 | Jan 25, 2022 | Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. | ||
| CVE-2021-45845 | Hig | 0.00 | 7.8 | 0.02 | Jan 25, 2022 | The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document. |
- risk 0.51cvss 7.8epss 0.01
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.
- risk 0.00cvss 7.8epss 0.02
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.