Описание
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| assimp | fixed | 6.0.2+ds-1 | package | |
| assimp | postponed | trixie | package | |
| assimp | postponed | bookworm | package | |
| assimp | postponed | bullseye | package |
Примечания
https://github.com/assimp/assimp/issues/5787
https://github.com/assimp/assimp/commit/2b773f0f5a726c38dda72307b5311c14fc3a76ae (v6.0.0)
EPSS
Связанные уязвимости
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
Уязвимость функции OpenDDLParser::parseStructure() библиотеки импорта 3D-моделей Open Asset Import Library (Assimp), позволяющая нарушителю вызвать отказ в обслуживании
EPSS