← Back

Freecad

freecad

Vendor: Freecadweb • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-45845
2Debian
Freecadweb
2Debian Linux
Freecad
Nov 21, 2024
Jan 25, 2022
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.
CVE-2021-45844
2Debian
Freecadweb
2Debian Linux
Freecad
Nov 21, 2024
Jan 25, 2022
N/A· v4
7.8 HIGH· v3
7.6 HIGH· v2
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.