Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-2591

Опубликовано: 21 мар. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 4.3

Описание

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.

РелизСтатусПримечание
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

noble

needs-triage

oracular

ignored

end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 16%
0.00053
Низкий

5 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-2591

CVSS3: 4.3
nvd
7 месяцев назад

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.

debian логотип

CVE-2025-2591

CVSS3: 4.3
debian
7 месяцев назад

A vulnerability classified as problematic was found in Open Asset Impo ...

github логотип

GHSA-6q3p-m444-94qp

CVSS3: 4.3
github
7 месяцев назад

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.

fstec логотип

BDU:2025-12577

CVSS3: 5.5
fstec
7 месяцев назад

Уязвимость библиотеки импорта 3D-моделей Open Asset Import Library (Assimp), связанная с отсутствием проверки деления на ноль, позволяющая нарушителю вызвать отказ в обслуживании

redos логотип

ROS-20250930-04

CVSS3: 8.8
redos
16 дней назад

Множественные уязвимости assimp

EPSS

Процентиль: 16%
0.00053
Низкий

5 Medium

CVSS2

4.3 Medium

CVSS3