Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-3160

Опубликовано: 03 апр. 2025
Источник: redhat
CVSS3: 3.3

Описание

A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as a0993658f40d8e13ff5823990c30b43c82a5daf0. It is recommended to apply a patch to fix this issue.

A flaw has been found in the Open Asset Import Library (assimp). In affected versions, a maliciously crafted file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 9qt5-qt3dFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-119
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2357217assimp: Open Asset Import Library Assimp File SceneCombiner.cpp AddNodeHashes out-of-bounds

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-3160

CVSS3: 3.3
ubuntu
5 месяцев назад

A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as a0993658f40d8e13ff5823990c30b43c82a5daf0. It is recommended to apply a patch to fix this issue.

nvd логотип

CVE-2025-3160

CVSS3: 3.3
nvd
5 месяцев назад

A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as a0993658f40d8e13ff5823990c30b43c82a5daf0. It is recommended to apply a patch to fix this issue.

debian логотип

CVE-2025-3160

CVSS3: 3.3
debian
5 месяцев назад

A vulnerability has been found in Open Asset Import Library Assimp 5.4 ...

github логотип

GHSA-5jfr-9rr4-m9qm

CVSS3: 3.3
github
5 месяцев назад

A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as a0993658f40d8e13ff5823990c30b43c82a5daf0. It is recommended to apply a patch to fix this issue.

3.3 Low

CVSS3