Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-53425

Опубликовано: 21 нояб. 2024
Источник: redhat
CVSS3: 6.2

Описание

A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.

A heap buffer overflow vulnerability was found in the Assimp package. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 9qt5-qt3dNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=2327803assimp: heap-based buffer overflow in SkipSpacesAndLineEnd

6.2 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-53425

CVSS3: 6.2
ubuntu
7 месяцев назад

A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.

nvd логотип

CVE-2024-53425

CVSS3: 6.2
nvd
7 месяцев назад

A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.

debian логотип

CVE-2024-53425

CVSS3: 6.2
debian
7 месяцев назад

A heap-buffer-overflow vulnerability was discovered in the SkipSpacesA ...

github логотип

GHSA-53vp-hv55-j8x4

CVSS3: 6.2
github
7 месяцев назад

A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.

fstec логотип

BDU:2025-02258

CVSS3: 6.2
fstec
8 месяцев назад

Уязвимость функции SkipSpacesAndLineEnd кроссплатформенной библиотеки импорта 3D-моделей, Assimp (Open Asset Import Library), позволяющая нарушителю выполнить произвольный код

6.2 Medium

CVSS3