{"id":"CVE-2020-35631","details":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser\u003cEW\u003e::read_sface() SD.link_as_face_cycle().","modified":"2026-03-14T10:29:06.766377Z","published":"2022-04-18T17:15:14.157Z","references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202305-34"},{"type":"EVIDENCE","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cgal/cgal","events":[{"introduced":"0"},{"last_affected":"8b649c42a258e3db346f19cb3ae89eca5fea877d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.1.1"}]}}],"versions":["4.14_branch_before_no_tws_nor_tabs","5.0_branch_before_no_tws_nor_tab","master_before_no_tws_nor_tabs","releases/CGAL-3.9-beta1","releases/CGAL-4.0","releases/CGAL-4.10","releases/CGAL-4.10-beta1","releases/CGAL-4.10.1","releases/CGAL-4.10.2","releases/CGAL-4.11","releases/CGAL-4.11-beta1","releases/CGAL-4.11.1","releases/CGAL-4.11.2","releases/CGAL-4.11.3","releases/CGAL-4.12","releases/CGAL-4.12-beta1","releases/CGAL-4.12-beta2","releases/CGAL-4.12.1","releases/CGAL-4.12.2","releases/CGAL-4.13","releases/CGAL-4.13-beta1","releases/CGAL-4.13-beta2","releases/CGAL-4.13.1","releases/CGAL-4.13.2","releases/CGAL-4.14","releases/CGAL-4.14-beta1","releases/CGAL-4.14-beta2","releases/CGAL-4.14-beta3","releases/CGAL-4.14-beta4","releases/CGAL-4.14.1","releases/CGAL-4.14.2","releases/CGAL-4.14.3","releases/CGAL-4.2","releases/CGAL-4.2-beta1","releases/CGAL-4.3","releases/CGAL-4.3-beta1","releases/CGAL-4.3-scripts","releases/CGAL-4.4","releases/CGAL-4.4-beta1","releases/CGAL-4.5","releases/CGAL-4.5-beta1","releases/CGAL-4.5.1","releases/CGAL-4.5.2","releases/CGAL-4.6","releases/CGAL-4.6-beta1","releases/CGAL-4.6.1","releases/CGAL-4.6.2","releases/CGAL-4.6.3","releases/CGAL-4.7","releases/CGAL-4.7-beta1","releases/CGAL-4.7-beta2","releases/CGAL-4.7-branch-tip","releases/CGAL-4.8","releases/CGAL-4.8-beta1","releases/CGAL-4.8-beta2","releases/CGAL-4.8-branch-tip","releases/CGAL-4.8.1","releases/CGAL-4.8.2","releases/CGAL-4.9","releases/CGAL-4.9-beta1","releases/CGAL-4.9-branch-tip","releases/CGAL-4.9.1","releases/CGAL-5.0","releases/CGAL-5.0-beta1","releases/CGAL-5.0-beta2","releases/CGAL-5.0.1","releases/CGAL-5.0.2","releases/CGAL-5.0.3","releases/CGAL-5.1-beta1","releases/CGAL-5.1-beta2","v4.14","v4.14.1","v4.14.2","v4.14.3","v4.14.x-tip","v5.0","v5.0.1","v5.0.2","v5.0.3","v5.0.4","v5.1","v5.1-beta1","v5.1-beta2","v5.1.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-35631.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}