211 matches found
DEBIAN-CVE-2025-15538
A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...
CVE-2025-15538 Open Asset Import Library Assimp LWOMaterial.cpp FindUVChannels use after free
A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...
CVE-2025-15538 Open Asset Import Library Assimp LWOMaterial.cpp FindUVChannels use after free
A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...
CVE-2025-15538
A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...
PT-2026-3402
Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp versions up to 6.0.2 Description A security issue exists in Open Asset Import Library Assimp. The Assimp::LWOImporter::FindUVChannels function within the /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp file is...
Open Asset Import Library Assimp Resource Management Error Vulnerability
Open Asset Import Library Assimp is an official open-source asset import library. It allows loading of more than 40 3D file formats into a unified and clean data structure. Versions of Open Asset Import Library Assimp 6.0.2 and earlier contained a resource management vulnerability. This...
SUSE-SU-2026:20077-1 Security update for python-uv
This update for python-uv fixes the following issues: - CVE-2025-62518: astral-tokio-tar: Fixed boundary parsing issue allowing attackers to smuggle additional archive entries bsc1252399 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...
OPENSUSE-SU-2026:20026-1 Security update for python-uv
This update for python-uv fixes the following issues: - CVE-2025-62518: astral-tokio-tar: Fixed boundary parsing issue allowing attackers to smuggle additional archive entries bsc1252399 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...
ROS-20260112-7372
A vulnerability in the s390/uv component of the Linux operating system kernel is related to improper control of a resource during its lifecycle. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
[SECURITY] Fedora 41 Update: python-uv-build-0.9.7-2.fc41
This package is a slimmed down version of uv containing only the build backend...
[SECURITY] Fedora 42 Update: python-uv-build-0.9.7-2.fc42
This package is a slimmed down version of uv containing only the build backend...
Fedora 42 : python-uv-build / ruff / rust-get-size-derive2 / rust-get-size2 / etc (2025-e60a4ba4d7)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-e60a4ba4d7 advisory. uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of asynczip, which...
Fedora 41 : python-uv-build / ruff / rust-get-size-derive2 / rust-get-size2 / etc (2025-00e5b3d89c)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-00e5b3d89c advisory. uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of asynczip, which...
Malicious code in kidt-aog-uv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a94dbace64b6167ef3a6fb091872bab00afc94357846cbdf0c2356276a39da7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-183174 Malicious code in kidt-aog-uv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a94dbace64b6167ef3a6fb091872bab00afc94357846cbdf0c2356276a39da7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
[SECURITY] Fedora 43 Update: python-uv-build-0.9.7-2.fc43
This package is a slimmed down version of uv containing only the build backend...
Fedora 43 : python-cloudpickle / python-pydantic / python-pydantic-core / etc (2025-312ac3e645)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-312ac3e645 advisory. Pydantic 2.12.4 This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the build method of the AnyUrl and Dsn types. This...
Fedora 43 : fastapi-cli / fastapi-cloud-cli / gherkin / maturin / etc (2025-4154ea83d0)
The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-4154ea83d0 advisory. uv / python-uv-build 0.9.5 https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md ---- ruff 0.14.2...
[SECURITY] Fedora 41 Update: python-uv-build-0.9.5-1.fc41
This package is a slimmed down version of uv containing only the build backend...
Fedora 42 : openapi-python-client / python-uv-build / ruff / etc (2025-a77c1f005b)
The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-a77c1f005b advisory. uv 0.9.5 https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md Since uv was built with astral-tokio-tar 0.5.6, this is a security fix for...