Описание
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-2151
- https://github.com/assimp/assimp/issues/6016
- https://github.com/assimp/assimp/issues/6026
- https://github.com/sae-as-me/Crashes/raw/refs/heads/main/assimp/assimp_crash_1
- https://vuldb.com/?ctiid.299062
- https://vuldb.com/?id.299062
- https://vuldb.com/?submit.510582
EPSS
5.3 Medium
CVSS4
6.3 Medium
CVSS3
CVE ID
Дефекты
Связанные уязвимости
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in Open Asset Import ...
Уязвимость компонента File Handler кроссплатформенной библиотеки импорта 3D-моделей Assimp (Open Asset Import Library), позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.3 Medium
CVSS4
6.3 Medium
CVSS3