8 matches found
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the CopyValue function of glTFCommon.h within the 4x4 Matrix Parser component. An attacker can achieve arbitrary code execution or cause application instability by providing specially crafted input that...
Fedora 43 : assimp (2025-0f4b31c58e)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0f4b31c58e advisory. Backport fix for CVE-2025-11277 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the InternReadFile function. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted input files. Remediation Upgrade assimp to version 6.0.5 or higher. References...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to the HL1MDLLoader::validateheader function, which doesn't check the file size before trying to access the buffer/header. An attacker can read data outside the intended buffer boundaries by manipulating the input...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read through the ValidateSurfaceHeader function. An attacker can read data outside the intended buffer boundaries by manipulating the pcSurface2 argument. This is only exploitable if the attacker has local access to the...
assimp-devel-5.4.3-5.1 on GA media (moderate)
assimp-devel-5.4.3-5.1 on GA media Announcement ID: openSUSE-SU-2025:14950-1 Rating: moderate Cross-References: CVE-2025-2591 CVE-2025-2592 CVE-2025-3015 CVE-2025-3016 CVSS scores: CVE-2025-2591 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-2591 SUSE : 6.7...
OPENSUSE-SU-2024:14342-1 assimp-devel-5.4.3-2.1 on GA media
These are all security issues fixed in the assimp-devel-5.4.3-2.1 package on the GA media of openSUSE Tumbleweed...
Mageia: Security Advisory (MGASA-2024-0300)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...