VYPR
Vendor

Gerbv

Products
2
CVEs
8
Across products
10
Status
Private

Products

2

Recent CVEs

8
  • CVE-2021-40394CriDec 22, 2021
    risk 0.64cvss 9.8epss 0.03

    An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can…

  • CVE-2021-40393CriDec 22, 2021
    risk 0.64cvss 9.8epss 0.03

    An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can…

  • CVE-2021-40391CriNov 19, 2021
    risk 0.64cvss 9.8epss 0.03

    An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a…

  • CVE-2021-40401HigFeb 4, 2022
    risk 0.56cvss 8.6epss 0.01

    A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger…

  • CVE-2021-40402HigApr 14, 2022
    risk 0.49cvss 7.5epss 0.01

    An out-of-bounds read vulnerability exists in the RS-274X aperture macro multiple outline primitives functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.7.1 and 2.8.0. A specially-crafted Gerber file can lead to information disclosure. An attacker can…

  • CVE-2021-40400HigApr 14, 2022
    risk 0.49cvss 7.5epss 0.01

    An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit d7f42a9a). A specially-crafted Gerber file can lead to information disclosure. An attacker…

  • CVE-2021-40403MedFeb 4, 2022
    risk 0.41cvss 6.3epss 0.01

    An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. A specially-crafted pick-and-place file can exploit the missing initialization of a structure to leak memory…

  • CVE-2023-4508MedAug 24, 2023
    risk 0.00cvss 5.5epss 0.00

    A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.