All errata/sisyphus/ALT-PU-2026-2183-2
ALT-PU-2026-2183-2

Package update PrusaSlicer in branch sisyphus

Version2.9.4-alt1
Task#401885
Published2026-05-13
Max severityCRITICAL
Severity:

Closed issues (3)

BDU:2022-03900
CRITICAL9.6

Уязвимость функции проверки обновлений пакета Advanced Updater инструмента для упаковки приложений Caphyon Advanced Installer, позволяющая нарушителю выполнить произвольный код

Published: 2022-06-28
CVSS 3.xCRITICAL 9.6
CVSS:3.x/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 8.3
CVSS:2.0/AV:A/AC:L/Au:N/C:C/I:C/A:C
References
CVE-2022-27438
HIGH8.1

Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.

Published: 2022-06-06Modified: 2026-06-17
CVSS 2.0MEDIUM 5.1
CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.1
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References
CVE-2023-47268
MEDIUM5.3

In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported.

Published: 2026-05-08Modified: 2026-06-17
CVSS 3.xMEDIUM 5.3
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
References