[SECURITY] Fedora 43 Update: vtk-9.2.6-44.fc43

VTK is an open-source software system for image processing, 3D graphics, volume rendering and visualization. VTK includes many advanced algorithms e.g., surface reconstruction, implicit modeling, decimation and rendering techniques e.g., hardware-accelerated volume rendering, LOD control. NOTE: T...

Fedora: Security Advisory (FEDORA-2026-ff768f8e37)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-55f82da186)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : vtk (2026-ff768f8e37)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ff768f8e37 advisory. Add patch to fix integer overflow on 32-bit in KissFFT CVE-2025-34297 Tenable has extracted the preceding description block directly from the Fedora...

Fedora 43 : vtk (2026-55f82da186)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-55f82da186 advisory. Add patch to fix integer overflow on 32-bit in KissFFT CVE-2025-34297 Tenable has extracted the preceding description block directly from the Fedora...

Advisory ROSA-SA-2026-3211

software: vtk 9.0.1 OS: ROSA-CHROME unaffected versions = vtk-9.0.1.1-6 affected versions vtk-9.0.1.1-6 CVE-ID: CVE-2025-57106 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Buffer overflow in Kitware VTK before 9.5.0 in the vtkGLTFDocumentLoader component. The vulnerability occurs in the...

SUSE CVE-2025-57109

Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesses string members of mesh objects that have been previously freed during actor import operations...

CVE-2025-57106

A flaw was found in Kitware VTK Visualization Toolkit. This vulnerability allows a buffer overflow via processing GLTF Graphics Language Transmission Format accessor data in the vtkGLTFDocumentLoader's BufferDataExtractionWorker template function...

EUVD-2025-37361

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

EUVD-2025-37362

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

CVE-2025-57108

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files...

abinitostudio (>=1.0.1 <=1.0.8), aicsshparam (>=0.0.6 <=0.0.12) +145 more potentially affected by CVE-2025-57107 via vtk (>=8.1.2 <=9.5.0)

vtk PYPI version =8.1.2, =1.0.1, =0.0.6, =0.1.8, =0.4.0, =0.13.1, =0.71.0, =0.2.0, =0.4.2, =2024.7.4, =0.0.4rc3, =0.2.5, =0.6.1, =1.0.0.0, =2.1.16 and more Source cves: CVE-2025-57107 Source advisory: OSV:PYSEC-2025-225...

abinitostudio (>=1.0.1 <=1.0.8), aicsshparam (>=0.0.6 <=0.0.12) +145 more potentially affected by CVE-2025-57108 via vtk (>=8.1.2 <=9.5.0)

vtk PYPI version =8.1.2, =1.0.1, =0.0.6, =0.1.8, =0.4.0, =0.13.1, =0.71.0, =0.2.0, =0.4.2, =2024.7.4, =0.0.4rc3, =0.2.5, =0.6.1, =1.0.0.0, =2.1.16 and more Source cves: CVE-2025-57108 Source advisory: OSV:PYSEC-2025-226...

abinitostudio (>=1.0.1 <=1.0.8), aicsshparam (>=0.0.6 <=0.0.12) +145 more potentially affected by CVE-2025-57106 via vtk (>=8.1.2 <=9.5.0)

vtk PYPI version =8.1.2, =1.0.1, =0.0.6, =0.1.8, =0.4.0, =0.13.1, =0.71.0, =0.2.0, =0.4.2, =2024.7.4, =0.0.4rc3, =0.2.5, =0.6.1, =1.0.0.0, =2.1.16 and more Source cves: CVE-2025-57106 Source advisory: OSV:PYSEC-2025-224...

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK 9.5.0 and earlier versions, which stems from a heap buffer overflow that can be caused by the copy constructor of the Accessor object not properly validating buffer boundaries wh...

CVE-2025-57107

Kitware VTK (Visualization Toolkit) versions up to and including 9.5.0 contain a heap buffer overflow in vtkGLTFDocumentLoader. The root cause is the copy constructor of Accessor objects not properly validating buffer boundaries when processing specially crafted GLTF files, leading to out-of-boun...

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK 9.5.0 and earlier versions, which originates from a buffer overflow in the BufferDataExtractionWorker template function in vtkGLTFDocumentLoader when processing GLTF accessor dat...

PT-2025-44637

Name of the Vulnerable Software and Affected Versions Kitware VTK Visualization Toolkit versions through 9.5.0 Description The software contains a heap use-after-free issue in vtkGLTFDocumentLoader. This occurs during mesh object copy operations, where vector members are accessed after the memory...