[Security]: vulnerabilities in SketchUp C SDK


We are using SketchUp C SDK 2019-0-753 in our product (SkecthUpAPI.dll). We received a report ZeroDayInitative that it has security vulnerabilities with proof-of-concept files. Who should we contact to provide technical information about the vulnerabilities in your products (possibly your desktop application has them too).

Best regards,

This is a forum. The official issue tracker is here …

FYI … the issue has been filed …

https://github.com/SketchUp/api-issue-tracker/issues/501 has been created, but nobody is looking at security vulnerabilities in the commercial product.

Why do you say this? Do you have direct evidence ?

It was not me, you did in the Github issue. Read again what you’ve wrote in https://github.com/SketchUp/api-issue-tracker/issues/501#issuecomment-656394724.

I just reread what I wrote. I never said anything of the sort that you allege. Not in that post nor anywhere at anytime.

In fact I know otherwise. Slandering Trimble or the reputation of it’s employees is not proper behavior in these forums.Nor will it serve to hasten the fixing of the issues.

I suggest you read the rules of the forum: