A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Assimp
Assimp assimp |
|
Weaknesses | CWE-120 | |
CPEs | cpe:2.3:a:assimp:assimp:5.4.3:*:*:*:*:*:*:* | |
Vendors & Products |
Assimp
Assimp assimp |
|
Metrics |
ssvc
|
Fri, 22 Nov 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | assimp: heap-based buffer overflow in SkipSpacesAndLineEnd | |
Weaknesses | CWE-122 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Thu, 21 Nov 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-11-21T00:00:00
Updated: 2024-11-26T17:51:40.031Z
Reserved: 2024-11-20T00:00:00
Link: CVE-2024-53425
Vulnrichment
Updated: 2024-11-26T17:51:29.293Z
NVD
Status : Awaiting Analysis
Published: 2024-11-21T14:15:18.303
Modified: 2024-11-26T18:15:20.090
Link: CVE-2024-53425
Redhat