Advisory ROSA-SA-2026-3211

software: vtk 9.0.1 OS: ROSA-CHROME unaffected versions = vtk-9.0.1.1-6 affected versions vtk-9.0.1.1-6 CVE-ID: CVE-2025-57106 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Buffer overflow in Kitware VTK before 9.5.0 in the vtkGLTFDocumentLoader component. The vulnerability occurs in the...

SUSE CVE-2025-57109

Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesses string members of mesh objects that have been previously freed during actor import operations...

CVE-2025-57106

A flaw was found in Kitware VTK Visualization Toolkit. This vulnerability allows a buffer overflow via processing GLTF Graphics Language Transmission Format accessor data in the vtkGLTFDocumentLoader's BufferDataExtractionWorker template function...

EUVD-2025-37362

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

CVE-2025-57107

Kitware VTK (Visualization Toolkit) versions up to and including 9.5.0 contain a heap buffer overflow in vtkGLTFDocumentLoader. The root cause is the copy constructor of Accessor objects not properly validating buffer boundaries when processing specially crafted GLTF files, leading to out-of-boun...

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK 9.5.0 and earlier versions, which stems from a heap buffer overflow that can be caused by the copy constructor of the Accessor object not properly validating buffer boundaries wh...

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK 9.5.0 and earlier versions, which originates from a buffer overflow in the BufferDataExtractionWorker template function in vtkGLTFDocumentLoader when processing GLTF accessor dat...

PT-2025-44637

Name of the Vulnerable Software and Affected Versions Kitware VTK Visualization Toolkit versions through 9.5.0 Description The software contains a heap use-after-free issue in vtkGLTFDocumentLoader. This occurs during mesh object copy operations, where vector members are accessed after the memory...

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

Linux Distros Unpatched Vulnerability : CVE-2025-57107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF...

Linux Distros Unpatched Vulnerability : CVE-2025-57108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitware VTK Visualization Toolkit through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh...

CVE-2025-57109

Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesses string members of mesh objects that have been previously freed during actor import operations...

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK version 9.5.0, which stems from heap-release reuse when processing GLTF files, and could lead to accessing freed string members...

CVE-2025-57109

Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesses string members of mesh objects that have been previously freed during actor import operations...

CVE-2025-57109

Kitware VTK 9.5.0 is affected by a Heap Use-After-Free vulnerability in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the code may access string members of mesh objects that were freed during actor import, leading to potential instability. Connected...