Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
未加检查的返回值
Vulnerability Title
Gerbv 资源管理错误漏洞
Vulnerability Description
Gerbv是一个 Gerber 文件(仅限 Rs-274X)查看器。用于查看 Rs-274X Gerber 文件、Excellon 钻孔文件和 Pick-N-Place 文件。 Gerbv 中存在资源管理错误漏洞,该漏洞源于产品 RS-274X 光圈定义标记功能对已释放的资源重复利用。攻击者可通过特制的gerber文件导致代码执行。以下产品及版本受到影响:Gerbv 2.7.0、Gerbv dev (commit b5f1eacd)、Gerbv fork 2.7.1。
CVSS Information
N/A
Vulnerability Type
N/A