Описание
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| vtk9 | unfixed | package | ||
| vtk9 | no-dsa | trixie | package | |
| vtk9 | no-dsa | bookworm | package | |
| vtk9 | postponed | bullseye | package |
Примечания
https://gitlab.kitware.com/vtk/vtk/-/issues/19732
EPSS
Связанные уязвимости
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations.
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations.
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations.
EPSS