CVE-2025-2753

Опубликовано: 25 мар. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 6.3

Описание

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as critical. Affected is the function SceneCombiner::MergeScenes of the file code/AssetLib/LWS/LWSLoader.cpp of the component LWS File Handler. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Релиз	Статус	Примечание
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
focal	ignored	end of standard support, was needs-triage
jammy	needs-triage
noble	needs-triage
oracular	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 22%

0.0007

Низкий

7.5 High

CVSS2

6.3 Medium

CVSS3

Связанные уязвимости

CVE-2025-2753

CVSS3: 6.3

redhat

6 месяцев назад

CVE-2025-2753

CVSS3: 6.3

nvd

6 месяцев назад

CVE-2025-2753

CVSS3: 6.3

debian

6 месяцев назад

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. I ...

GHSA-6gmq-j827-jv97

CVSS3: 6.3

github

6 месяцев назад

EPSS

Процентиль: 22%

0.0007

Низкий

7.5 High

CVSS2

6.3 Medium

CVSS3

CVE-2025-2753

Описание

Пакет assimp

Ссылки на источники

Связанные уязвимости