Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-5169

Опубликовано: 26 мая 2025
Источник: redhat
CVSS3: 3.3

Описание

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

A flaw was found in the Open Asset Import Library (Assimp). This vulnerability allows an out-of-bounds read via malicious MDL files. Local access is required.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 9qt5-qt3dNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-119
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2368513assimp: Assimp Out-of-Bounds Read Vulnerability

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-5169

CVSS3: 3.3
ubuntu
24 дня назад

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

nvd логотип

CVE-2025-5169

CVSS3: 3.3
nvd
24 дня назад

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

debian логотип

CVE-2025-5169

CVSS3: 3.3
debian
24 дня назад

A vulnerability classified as problematic has been found in Open Asset ...

github логотип

GHSA-5wpj-mx2x-hx72

CVSS3: 3.3
github
24 дня назад

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

3.3 Low

CVSS3