Openusd Security Vulnerabilities and Issues — Openusd CVE List

Lucene search

PixarOpenusd

8 matches found

CVE•added 2020/12/11 4:15 a.m.•101 views

CVE-2020-13520

An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote code execution. To trigger this vulnerability, victim needs...

8.8CVSS8.1AI score0.00902EPSS

CVE•added 2020/12/03 6:15 p.m.•95 views

CVE-2020-13524

An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim ...

6.3CVSS6.3AI score0.00411EPSS

CVE•added 2020/12/02 6:15 p.m.•89 views

CVE-2020-13498

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid...

5.5CVSS5.6AI score0.00455EPSS

CVE•added 2020/12/02 6:15 p.m.•84 views

CVE-2020-13496

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in TfToken Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation...

6.5CVSS6.4AI score0.00395EPSS

CVE•added 2020/12/02 6:15 p.m.•76 views

CVE-2020-13497

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in String Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation....

5.5CVSS5.8AI score0.0023EPSS

CVE•added 2020/12/02 6:15 p.m.•55 views

CVE-2020-13493

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an att...

8.8CVSS7.6AI score0.00336EPSS

CVE•added 2020/12/03 5:15 p.m.•48 views

CVE-2020-13531

A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files. A specially crafted file can trigger the reuse of a freed memory which can result in further memory corruption and arbitrary code execution. To trigger this vulnerability, the victim need...

8.8CVSS9AI score0.01025EPSS

CVE•added 2020/12/02 6:15 p.m.•43 views

CVE-2020-13494

A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability coul...

5.5CVSS5.3AI score0.00248EPSS