Assimp 代码问题漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the parameter operator in the function glTF2::LazyDict within the library...

DOS on valid signatures

Lines of code Vulnerability details Impact It was observed that signature matching can fail due to incorrect updation of operatorIndex. Each loop iteration should reset operatorIndex but this is not happening causing matches to be skipped as shown in POC Proof of Concept 1. Assume...