Updated assimp packages fix security vulnerabilities

CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

WordPress plugin tagDiv Composer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

GHSA-3VFF-HJQV-M7H8 JupyterHub has an Open Redirect Vulnerability

Affected Version JupyterHub = 5.4.3 Impact An open redirect vulnerability in JupyterHub =5.4.3 allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an arbitrary attacker-controlled site outside JupyterHub instead of a...

OESA-2026-1215 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

CVE-2025-5200

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFileQuake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible to launch the attac...

PYSEC-2025-172

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of the argument pcSurface2 leads to out-of-bounds read...

Assimp 缓冲区错误漏洞

Assimp is an Assimp open source library. It is used to import and export various 3D model formats. A buffer error vulnerability exists in Assimp version 5.4.3, which stems from an out-of-bounds read issue...

Apache HttpClient 安全漏洞

Apache HttpClient is the United States Apache Apache Foundation of a Java written to access HTTP resources client program. The program is used to access network resources using the HTTP protocol. A logic error vulnerability exists in Apache HttpClient versions prior to 5.4.3, which stems from a P...

Open Asset Import Library 安全漏洞

Open Asset Import Library assimp is a library in the Open Asset Import Library open source. A security vulnerability exists in Open Asset Import Library version 5.4.3, which stems from a stack buffer overflow in the Assimp::MD2Importer::InternReadFile function...

UBUNTU-CVE-2025-3159

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASE::Parser::ParseLV4MeshBonesVertices of the file code/AssetLib/ASE/ASEParser.cpp of the component ASE File Handler. The manipulation leads to heap-based buff...

PT-2025-13833

Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp version 5.4.3 Description A critical issue has been found in the ASE File Handler component of the Open Asset Import Library Assimp. This issue affects the Assimp::ASEImporter::BuildUniqueRepresentation functio...

PYSEC-2025-161

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to out-of-bounds write. It is...

PYSEC-2025-160

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFileQuake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...

CVE-2023-36528

Missing Authorization vulnerability in properfraction kk Star Ratings kk-star-ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through = 5.4.3...

Cloudera Manager Cross-Site Scripting Vulnerability (CNVD-2020-14237)

Cloudera Manager is a suite of Hadoop data management software from Cloudera. The software supports creating clusters, authentication, data backup and recovery, and more. A cross-site scripting vulnerability exists in Cloudera Manager versions prior to 5.4.3. The vulnerability stems from the WEB...