rpm package
opensuse/assimp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/assimp&distro=openSUSE%20Tumbleweed
Vulnerabilities (28)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-10199 | Low | 3.3 | < 6.0.5-3.1 | 6.0.5-3.1 | May 31, 2026 | A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator[] leads to null pointer dereference. The attack must be carried out locally. The exploit has been d | |
| CVE-2026-10197 | Low | 3.3 | < 6.0.5-3.1 | 6.0.5-3.1 | May 31, 2026 | A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possi | |
| CVE-2025-70067 | Cri | 9.8 | < 6.0.5-2.1 | 6.0.5-2.1 | May 4, 2026 | Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy() without runtime length va | |
| CVE-2025-11277 | Med | 5.3 | < 6.0.5-3.1 | 6.0.5-3.1 | Oct 5, 2025 | A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer overflow. The attack needs to be launched loc | |
| CVE-2025-5200 | — | < 6.0.4-1.1 | 6.0.4-1.1 | May 26, 2025 | A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFile_Quake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible t | ||
| CVE-2025-5167 | — | < 6.0.4-1.1 | 6.0.4-1.1 | May 26, 2025 | A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function LWOImporter::GetS0 in the library assimp/code/AssetLib/LWO/LWOLoader.h. The manipulation of the argument out leads to out-of-bo | ||
| CVE-2025-3548 | Med | 5.3 | < 6.0.2-1.1 | 6.0.2-1.1 | Apr 14, 2025 | A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer overfl | |
| CVE-2025-3196 | Med | 5.3 | < 6.0.1-1.1 | 6.0.1-1.1 | Apr 4, 2025 | A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the arg | |
| CVE-2025-3160 | — | < 6.0.1-1.1 | 6.0.1-1.1 | Apr 3, 2025 | A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to | ||
| CVE-2025-3159 | — | < 6.0.1-1.1 | 6.0.1-1.1 | Apr 3, 2025 | A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASE::Parser::ParseLV4MeshBonesVertices of the file code/AssetLib/ASE/ASEParser.cpp of the component ASE File Handler. The manipulation leads t | ||
| CVE-2025-3158 | — | < 6.0.2-1.1 | 6.0.2-1.1 | Apr 3, 2025 | A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler. Th | ||
| CVE-2025-3016 | — | < 5.4.3-5.1 | 5.4.3-5.1 | Mar 31, 2025 | A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulatio | ||
| CVE-2025-3015 | — | < 5.4.3-5.1 | 5.4.3-5.1 | Mar 31, 2025 | A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argumen | ||
| CVE-2025-2757 | — | < 6.0.2-1.1 | 6.0.2-1.1 | Mar 25, 2025 | A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function AI_MD5_PARSE_STRING_IN_QUOTATION of the file code/AssetLib/MD5/MD5Parser.cpp of the component MD5 File Handler. The manipulation of the argument dat | ||
| CVE-2025-2756 | — | < 6.0.4-1.1 | 6.0.4-1.1 | Mar 25, 2025 | A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument tmp | ||
| CVE-2025-2751 | — | < 6.0.2-1.1 | 6.0.2-1.1 | Mar 25, 2025 | A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation of t | ||
| CVE-2025-2750 | — | < 6.0.2-1.1 | 6.0.2-1.1 | Mar 25, 2025 | A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to out-of-bo | ||
| CVE-2025-2592 | — | < 5.4.3-5.1 | 5.4.3-5.1 | Mar 21, 2025 | A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack m | ||
| CVE-2025-2591 | — | < 5.4.3-5.1 | 5.4.3-5.1 | Mar 21, 2025 | A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to di | ||
| CVE-2025-2152 | — | < 6.0.1-1.1 | 6.0.1-1.1 | Mar 10, 2025 | A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer |
- affected < 6.0.5-3.1fixed 6.0.5-3.1
A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator[] leads to null pointer dereference. The attack must be carried out locally. The exploit has been d
- affected < 6.0.5-3.1fixed 6.0.5-3.1
A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possi
- affected < 6.0.5-2.1fixed 6.0.5-2.1
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy() without runtime length va
- affected < 6.0.5-3.1fixed 6.0.5-3.1
A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer overflow. The attack needs to be launched loc
- CVE-2025-5200May 26, 2025affected < 6.0.4-1.1fixed 6.0.4-1.1
A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFile_Quake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible t
- CVE-2025-5167May 26, 2025affected < 6.0.4-1.1fixed 6.0.4-1.1
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function LWOImporter::GetS0 in the library assimp/code/AssetLib/LWO/LWOLoader.h. The manipulation of the argument out leads to out-of-bo
- affected < 6.0.2-1.1fixed 6.0.2-1.1
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer overfl
- affected < 6.0.1-1.1fixed 6.0.1-1.1
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the arg
- CVE-2025-3160Apr 3, 2025affected < 6.0.1-1.1fixed 6.0.1-1.1
A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to
- CVE-2025-3159Apr 3, 2025affected < 6.0.1-1.1fixed 6.0.1-1.1
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASE::Parser::ParseLV4MeshBonesVertices of the file code/AssetLib/ASE/ASEParser.cpp of the component ASE File Handler. The manipulation leads t
- CVE-2025-3158Apr 3, 2025affected < 6.0.2-1.1fixed 6.0.2-1.1
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler. Th
- CVE-2025-3016Mar 31, 2025affected < 5.4.3-5.1fixed 5.4.3-5.1
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulatio
- CVE-2025-3015Mar 31, 2025affected < 5.4.3-5.1fixed 5.4.3-5.1
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argumen
- CVE-2025-2757Mar 25, 2025affected < 6.0.2-1.1fixed 6.0.2-1.1
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function AI_MD5_PARSE_STRING_IN_QUOTATION of the file code/AssetLib/MD5/MD5Parser.cpp of the component MD5 File Handler. The manipulation of the argument dat
- CVE-2025-2756Mar 25, 2025affected < 6.0.4-1.1fixed 6.0.4-1.1
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument tmp
- CVE-2025-2751Mar 25, 2025affected < 6.0.2-1.1fixed 6.0.2-1.1
A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation of t
- CVE-2025-2750Mar 25, 2025affected < 6.0.2-1.1fixed 6.0.2-1.1
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to out-of-bo
- CVE-2025-2592Mar 21, 2025affected < 5.4.3-5.1fixed 5.4.3-5.1
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack m
- CVE-2025-2591Mar 21, 2025affected < 5.4.3-5.1fixed 5.4.3-5.1
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to di
- CVE-2025-2152Mar 10, 2025affected < 6.0.1-1.1fixed 6.0.1-1.1
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer
Page 1 of 2