CVE-2024-48424

Опубликовано: 24 окт. 2024

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.

Ссылки

https://github.com/assimp/assimp/issues/5787
Exploit
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:assimp:assimp:5.4.3:*:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00031

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-120

Связанные уязвимости

CVE-2024-48424

CVSS3: 5.5

ubuntu

8 месяцев назад

A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.

CVE-2024-48424

CVSS3: 5.5

redhat

8 месяцев назад

A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.

CVE-2024-48424

CVSS3: 5.5

debian

8 месяцев назад

A heap-buffer-overflow vulnerability has been identified in the OpenDD ...

GHSA-93cm-9ghm-5q5v

CVSS3: 5.5

github

8 месяцев назад

A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.

BDU:2025-03338

CVSS3: 5.5

fstec

8 месяцев назад

Уязвимость функции OpenDDLParser::parseStructure() библиотеки импорта 3D-моделей Open Asset Import Library (Assimp), позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 7%

0.00031

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-120