CVE-2024-40724

Опубликовано: 19 июл. 2024

Источник: debian

EPSS Низкий

Описание

Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
assimp	fixed	5.4.2+ds-1		package
assimp	ignored		bookworm	package
assimp	no-dsa		bullseye	package

Примечания

https://github.com/assimp/assimp/commit/ddb74c2bbdee1565dda667e85f0c82a0588c8053 (v5.4.2)

EPSS

Процентиль: 31%

0.00115

Низкий

Связанные уязвимости

CVE-2024-40724

CVSS3: 7.8

ubuntu

больше 1 года назад

Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.

CVE-2024-40724

CVSS3: 7.8

nvd

больше 1 года назад

Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.

openSUSE-SU-2024:0225-1

suse-cvrf

больше 1 года назад

Security update for assimp

SUSE-SU-2024:3079-1

suse-cvrf

больше 1 года назад

Security update for libqt5-qt3d

SUSE-SU-2024:3078-1

suse-cvrf

больше 1 года назад

Security update for libqt5-qtquick3d

EPSS

Процентиль: 31%

0.00115

Низкий