CVE-2023-35950 HIGH

CVE-2023-35950

Vendor Libigl
Product libigl
Weakness CWE-121
Published May 28, 2024
Last update February 13, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsible for parsing the header of an OFF file.

Key dates

02Disclosure timeline

May 28, 2024 CVE published
February 13, 2025 Record updated