rpm package
suse/assimp&distro=SUSE Package Hub 15 SP6
pkg:rpm/suse/assimp&distro=SUSE%20Package%20Hub%2015%20SP6
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-3016 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Mar 31, 2025 | A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulatio | ||
| CVE-2025-3015 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Mar 31, 2025 | A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argumen | ||
| CVE-2025-2592 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Mar 21, 2025 | A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack m | ||
| CVE-2025-2591 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Mar 21, 2025 | A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to di | ||
| CVE-2025-2151 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Mar 10, 2025 | A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack c | ||
| CVE-2024-53425 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Nov 21, 2024 | A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash. | ||
| CVE-2024-48425 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Oct 24, 2024 | A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero | ||
| CVE-2024-48424 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Oct 24, 2024 | A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files. | ||
| CVE-2024-48423 | — | < 5.3.1-bp156.3.9.1 | 5.3.1-bp156.3.9.1 | Oct 24, 2024 | An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library. | ||
| CVE-2024-40724 | — | < 5.3.1-bp156.3.3.1 | 5.3.1-bp156.3.3.1 | Jul 19, 2024 | Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product. |
- CVE-2025-3016Mar 31, 2025affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulatio
- CVE-2025-3015Mar 31, 2025affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argumen
- CVE-2025-2592Mar 21, 2025affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack m
- CVE-2025-2591Mar 21, 2025affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to di
- CVE-2025-2151Mar 10, 2025affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack c
- CVE-2024-53425Nov 21, 2024affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.
- CVE-2024-48425Oct 24, 2024affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero
- CVE-2024-48424Oct 24, 2024affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
- CVE-2024-48423Oct 24, 2024affected < 5.3.1-bp156.3.9.1fixed 5.3.1-bp156.3.9.1
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
- CVE-2024-40724Jul 19, 2024affected < 5.3.1-bp156.3.3.1fixed 5.3.1-bp156.3.3.1
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.