VYPR

Vendor CVEs

Assimp

All CVEs

62 total · sorted by risk
  • CVE-2025-2151Mar 10, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack…

  • CVE-2024-53425Nov 21, 2024
    risk 0.00cvss epss 0.00

    A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.

  • CVE-2024-48426Oct 24, 2024
    risk 0.00cvss epss 0.00

    A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).

  • CVE-2024-48425Oct 24, 2024
    risk 0.00cvss epss 0.00

    A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero…

  • CVE-2024-48424Oct 24, 2024
    risk 0.00cvss epss 0.00

    A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.

  • CVE-2024-48423Oct 24, 2024
    risk 0.00cvss epss 0.00

    An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.

  • CVE-2024-46632Sep 26, 2024
    risk 0.00cvss epss 0.00

    Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function.

  • CVE-2024-45679Sep 18, 2024
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product.

  • CVE-2024-40724Jul 19, 2024
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.

  • CVE-2022-45748Jan 20, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.

  • CVE-2022-38528Sep 6, 2022
    risk 0.00cvss epss 0.01

    Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes.

  • CVE-2021-45948Dec 31, 2021
    risk 0.00cvss epss 0.01

    Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).

Page 2 of 2