Уязвимость CVE-2025-2152

Пакет	Статус	Версия исправления	Релиз	Тип
assimp	fixed	6.0.2+ds-1		package
assimp	postponed		trixie	package
assimp	postponed		bookworm	package
assimp	postponed		bullseye	package

CVE-2025-2152

CVSS3: 6.3

ubuntu

9 месяцев назад

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-2152

CVSS3: 6.3

nvd

9 месяцев назад

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

GHSA-38j2-f744-46qw

CVSS3: 6.3

github

9 месяцев назад

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

BDU:2025-07007

CVSS3: 9.8

fstec

9 месяцев назад

Уязвимость компонента File Handler кроссплатформенной библиотеки импорта 3D-моделей Assimp (Open Asset Import Library), позволяющая нарушителю вызвать отказ в обслуживании

ROS-20250616-05

CVSS3: 9.8

redos

6 месяцев назад

Множественные уязвимости assimp

exploitDog

CVE-2025-2152

Описание

Пакеты

Примечания

Связанные уязвимости