56 matches found
CVE-2025-53011 MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...
CVE-2025-53011
MaterialX CVE-2025-53011 is a NULL pointer dereference in MaterialXCore while parsing MTLX shader nodes. The bug occurs in 1.39.2 due to not checking implGraphOutput for null, enabling a crafted MTLX file to crash affected programs. Remediation is to upgrade to MaterialX 1.39.3 (or newer). A PoC ...
CVE-2025-53011 MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...
CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...
CVE-2025-53010
MaterialX CVE-2025-53010 involves a NULL pointer dereference in MaterialXCore when parsing shader nodes in MTLX files. Specifically, nodeGraph->getOutput may return null, and downstream code calls output->getConnectedNode(), which crashes. Affected path occurs when an input references a Nod...
CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...
CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...
CVE-2025-53009 MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stac...
CVE-2025-53009
MaterialX (v1.39.2 and earlier) is vulnerable to a Denial of Service due to a stack-exhaustion flaw when parsing MTLX files with deeply nested nodegraph constructs. The root cause is unbounded recursion during XML parsing, which can crash target software that uses MaterialX/OpenEXR when handling ...
CVE-2025-53009 MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stac...
CVE-2025-53009 MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stac...
MaterialX 代码问题漏洞
MaterialX is a material rendering software open source by Academy Software Foundation. A code issue vulnerability exists in MaterialX version 1.39.2, which stems from a null pointer that may be accessed when parsing shader nodes, potentially causing the program to crash...
MaterialX 安全漏洞
MaterialX is an open source material rendering software from Academy Software Foundation. A security vulnerability exists in MaterialX 1.39.2 and earlier versions, which stems from a stack exhaustion issue when parsing MTLX files and may cause the program to crash...
MaterialX 代码问题漏洞
MaterialX is a material rendering software open source by Academy Software Foundation. A code issue vulnerability exists in MaterialX version 1.39.2, which stems from a null pointer that may be accessed when parsing shader nodes, potentially causing the program to crash...
MaterialX 资源管理错误漏洞
MaterialX is a material rendering software open source by Academy Software Foundation. A resource management error vulnerability exists in MaterialX version 1.39.2, which stems from a lack of depth limitations when nested importing files, and can lead to stack memory exhaustion...
MaterialX Lack of MTLX Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion
Summary Nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. Details The MaterialX specification supports importing other files by using XInclude tags. When parsing file imports, recursion is used to process...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. An attacker can cause the application to crash or become unresponsive by supplying a deeply nested chain of imported files, leading to stack exhaustion during parsing. Note: This is only exploitable if the attacke...
GHSA-QC2H-74X3-4V3W MaterialX Lack of MTLX Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion
Summary Nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. Details The MaterialX specification supports importing other files by using XInclude tags. When parsing file imports, recursion is used to process...
MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit
Summary When parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion. Details By specification, multiple kinds of elements in MTLX support nesting other elements, such as in the case of nodegraph elements...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the XML parsing process. An attacker can cause a crash by providing a specially crafted MTLX file with deeply nested nodegraph elements, leading to stack exhaustion during recursive parsing. Remediation...