panda3d 1.10.16 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the panda3d package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Use of Uninitialized Variable Panda3D is a Panda3D is a framework for 3D rendering and game development for Python and C++ programs. Affected versions of this package are vulnerable to Use of Uninitialized Variable via the `deploy-stub` process. An attacker can cause the application to crash or exhibit undefined behavior by supplying a large number of command-line arguments, which leads to unbounded stack allocation. How to fix Use of Uninitialized Variable? There is no fixed version for `Panda3D`.	[0,)
M Use of Externally-Controlled Format String Panda3D is a Panda3D is a framework for 3D rendering and game development for Python and C++ programs. Affected versions of this package are vulnerable to Use of Externally-Controlled Format String via the `egg-mkfont` component. An attacker can access sensitive stack-resident memory and pointer values by supplying crafted format specifiers to the `-gp` command-line option, which is used directly as the format string for `sprintf()`. How to fix Use of Externally-Controlled Format String? There is no fixed version for `Panda3D`.	[0,)
M Stack-based Buffer Overflow Panda3D is a Panda3D is a framework for 3D rendering and game development for Python and C++ programs. Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the `egg-mkfont` process. An attacker can cause memory corruption or execute arbitrary code by supplying an excessively long glyph pattern string to the `-gp` parameter, which is formatted into a fixed-size stack buffer without length validation. How to fix Stack-based Buffer Overflow? There is no fixed version for `Panda3D`.	[0,)

Vulnerability

Vulnerable Version

Use of Uninitialized Variable

Panda3D is a Panda3D is a framework for 3D rendering and game development for Python and C++ programs.

Affected versions of this package are vulnerable to Use of Uninitialized Variable via the deploy-stub process. An attacker can cause the application to crash or exhibit undefined behavior by supplying a large number of command-line arguments, which leads to unbounded stack allocation.

How to fix Use of Uninitialized Variable?

There is no fixed version for Panda3D.

[0,)

Use of Externally-Controlled Format String

Panda3D is a Panda3D is a framework for 3D rendering and game development for Python and C++ programs.

Affected versions of this package are vulnerable to Use of Externally-Controlled Format String via the egg-mkfont component. An attacker can access sensitive stack-resident memory and pointer values by supplying crafted format specifiers to the -gp command-line option, which is used directly as the format string for sprintf().

How to fix Use of Externally-Controlled Format String?

There is no fixed version for Panda3D.

[0,)

Stack-based Buffer Overflow

Panda3D is a Panda3D is a framework for 3D rendering and game development for Python and C++ programs.

Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the egg-mkfont process. An attacker can cause memory corruption or execute arbitrary code by supplying an excessively long glyph pattern string to the -gp parameter, which is formatted into a fixed-size stack buffer without length validation.

How to fix Stack-based Buffer Overflow?

There is no fixed version for Panda3D.

[0,)

panda3d@1.10.16 vulnerabilities

Panda3D is a framework for 3D rendering and game development for Python and C++ programs.

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically