ansys-pyensight-core (>=0.9.8 <=0.10.10), awpy (>=2.0.0b2 <=2.0.0b4) +4 more potentially affected by unknown CVE via usd-core (>=23.11.0 <=24.8.0)

usd-core PYPI version =23.11.0, =0.9.8, =2.0.0b2, =1.0.0, =1.0.0, =2025.1.3, =1.3.0, =1.3.3 Source cves: unknown CVE Source advisory: OSV:GHSA-GRJP-54V3-C442...

Use-After-Free

usdcore is vulnerable to a Use-After-Free. The vulnerability is due to multi-threaded deletion of SdfPrimPathNode objects accessing freed memory, allowing an attacker to exploit a crafted .usd file to cause crashes or achieve remote code execution...

Use After Free

Overview usd-core is a Pixar's Universal Scene Description Affected versions of this package are vulnerable to Use After Free. Affected versions of the usd-core package are vulnerable to Use-After-Free due to unsynchronised destruction of SdfPrimPathNode objects in the SdfPathNode module that...

ansys-pyensight-core (>=0.10.18 <=0.11.10), pyansys (>=2026.1.0 <=2026.1.1) +2 more potentially affected by unknown CVE via usd-core (=25.11.0)

usd-core PYPI version =25.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on usd-core and may be impacted: - ansys-pyensight-core =0.10.18, =2026.1.0, =0.0.1, =0.1.0, =0.1.3 Source cves: unknown CVE Source advisory: SNYK:PYTHON-USDCORE-13537511...

ansys-pyensight-core (>=0.9.8 <=0.11.10), awpy (>=2.0.0b2 <=2.0.0b4) +6 more potentially affected by unknown CVE via usd-core (>=23.11.0 <=25.11.0)

usd-core PYPI version =23.11.0, =0.9.8, =2.0.0b2, =1.0.0, =1.0.0, =2025.1.3, =0.0.1, =0.1.0, =1.3.0, =1.3.3 Source cves: unknown CVE Source advisory: OSV:GHSA-58P5-R2F6-G2CJ...