CVE-2020-28623
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-28623
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->twin().
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
对数组索引的验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Laurent Rineau CGAL输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Laurent Rineau CGAL是 (Laurent Rineau)开源的一个应用软件。提供通过C ++库的形式轻松访问高效且可靠的几何算法的功能。 CGAL libcgal CGAL-5.1.1存在安全漏洞,攻击者可以提供特制的格式错误的文件来导致越界读取和类型混淆,从而导致代码执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| CGAL Project | libcgal | CGAL-5.1.1 | - |
II. Public POCs for CVE-2020-28623
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-28623
请登录查看更多情报信息。
- https://security.gentoo.org/glsa/202305-34vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-28623
Same Patch Batch · CGAL Project · 2022-04-18 · 38 CVEs total
| CVE-2020-28631 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28621 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28622 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28624 | Laurent Rineau CGAL输入验证错误漏洞 | |
| CVE-2020-28625 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28626 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28627 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28628 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28629 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28630 | Laurent Rineau CGAL输入验证错误漏洞 | |
| CVE-2020-28620 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28632 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28633 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28634 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28635 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-35629 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-35630 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-35631 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-35632 | Laurent Rineau CGAL 输入验证错误漏洞 | |
| CVE-2020-28611 | Laurent Rineau CGAL输入验证错误漏洞 |
Showing top 20 of 38 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same weakness: CWE-129
- CVE-2026-41643
GoBGP: Remote Denial of Service (Panic) in UpdatePathAttrs4B - CVE-2026-40251
Incus out-of-bounds panic in snapshot metadata handling allo - CVE-2026-40886
Argo Workflows: Unchecked annotation parsing in pod informer - CVE-2026-6840
ONE 输入验证错误漏洞 - CVE-2026-40097
Step CA affected by an index out of bounds panic in TPM atte
V. Comments for CVE-2020-28623
No comments yet