Lucene search
K

56 matches found

Vulnrichment
Vulnrichment
added 2025/08/01 5:58 p.m.2 views

CVE-2025-53011 MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

5.1CVSS6.4AI score0.00516EPSS
Exploits1References4
CVE
CVE
added 2025/08/01 5:58 p.m.23 views

CVE-2025-53011

MaterialX CVE-2025-53011 is a NULL pointer dereference in MaterialXCore while parsing MTLX shader nodes. The bug occurs in 1.39.2 due to not checking implGraphOutput for null, enabling a crafted MTLX file to crash affected programs. Remediation is to upgrade to MaterialX 1.39.3 (or newer). A PoC ...

7.5CVSS6.6AI score0.00516EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/08/01 5:58 p.m.5 views

CVE-2025-53011 MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

5.1CVSS6.7AI score0.00516EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/08/01 5:58 p.m.11 views

CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

5.1CVSS0.00463EPSS
Exploits1References3
CVE
CVE
added 2025/08/01 5:58 p.m.41 views

CVE-2025-53010

MaterialX CVE-2025-53010 involves a NULL pointer dereference in MaterialXCore when parsing shader nodes in MTLX files. Specifically, nodeGraph->getOutput may return null, and downstream code calls output->getConnectedNode(), which crashes. Affected path occurs when an input references a Nod...

7.5CVSS6.6AI score0.00463EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/01 5:58 p.m.2 views

CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

5.1CVSS6.4AI score0.00463EPSS
Exploits1References3
OSV
OSV
added 2025/08/01 5:58 p.m.5 views

CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

5.1CVSS6.7AI score0.00463EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/08/01 5:57 p.m.11 views

CVE-2025-53009 MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stac...

6.9CVSS0.00605EPSS
Exploits1References5
CVE
CVE
added 2025/08/01 5:57 p.m.24 views

CVE-2025-53009

MaterialX (v1.39.2 and earlier) is vulnerable to a Denial of Service due to a stack-exhaustion flaw when parsing MTLX files with deeply nested nodegraph constructs. The root cause is unbounded recursion during XML parsing, which can crash target software that uses MaterialX/OpenEXR when handling ...

7.5CVSS6.4AI score0.00605EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/01 5:57 p.m.2 views

CVE-2025-53009 MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stac...

6.9CVSS6.2AI score0.00605EPSS
Exploits1References5
OSV
OSV
added 2025/08/01 5:57 p.m.7 views

CVE-2025-53009 MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stac...

6.9CVSS6.5AI score0.00605EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.6 views

MaterialX 代码问题漏洞

MaterialX is a material rendering software open source by Academy Software Foundation. A code issue vulnerability exists in MaterialX version 1.39.2, which stems from a null pointer that may be accessed when parsing shader nodes, potentially causing the program to crash...

7.5CVSS6.7AI score0.00516EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.5 views

MaterialX 安全漏洞

MaterialX is an open source material rendering software from Academy Software Foundation. A security vulnerability exists in MaterialX 1.39.2 and earlier versions, which stems from a stack exhaustion issue when parsing MTLX files and may cause the program to crash...

7.5CVSS6.4AI score0.00605EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.4 views

MaterialX 代码问题漏洞

MaterialX is a material rendering software open source by Academy Software Foundation. A code issue vulnerability exists in MaterialX version 1.39.2, which stems from a null pointer that may be accessed when parsing shader nodes, potentially causing the program to crash...

7.5CVSS6.7AI score0.00463EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.4 views

MaterialX 资源管理错误漏洞

MaterialX is a material rendering software open source by Academy Software Foundation. A resource management error vulnerability exists in MaterialX version 1.39.2, which stems from a lack of depth limitations when nested importing files, and can lead to stack memory exhaustion...

7.5CVSS6.5AI score0.00818EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2025/07/31 7:37 p.m.13 views

MaterialX Lack of MTLX Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion

Summary Nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. Details The MaterialX specification supports importing other files by using XInclude tags. When parsing file imports, recursion is used to process...

7.5CVSS6.8AI score0.00818EPSS
Exploits1References6Affected Software1
Snyk
Snyk
added 2025/07/31 7:37 p.m.3 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. An attacker can cause the application to crash or become unresponsive by supplying a deeply nested chain of imported files, leading to stack exhaustion during parsing. Note: This is only exploitable if the attacke...

7.5CVSS7AI score0.00818EPSS
Exploits1References2
OSV
OSV
added 2025/07/31 7:37 p.m.6 views

GHSA-QC2H-74X3-4V3W MaterialX Lack of MTLX Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion

Summary Nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. Details The MaterialX specification supports importing other files by using XInclude tags. When parsing file imports, recursion is used to process...

6.9CVSS7.2AI score0.00818EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2025/07/31 7:37 p.m.8 views

MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit

Summary When parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion. Details By specification, multiple kinds of elements in MTLX support nesting other elements, such as in the case of nodegraph elements...

7.5CVSS6.8AI score0.00605EPSS
Exploits1References8Affected Software1
Snyk
Snyk
added 2025/07/31 7:37 p.m.6 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the XML parsing process. An attacker can cause a crash by providing a specially crafted MTLX file with deeply nested nodegraph elements, leading to stack exhaustion during recursive parsing. Remediation...

7.5CVSS7AI score0.00605EPSS
Exploits1References2
Rows per page
Query Builder