Vulnerabilities (CVE)

Filtered by vendor Assimp Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-48423 1 Assimp 1 Assimp 2024-11-21 N/A 7.8 HIGH
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
CVE-2024-40724 1 Assimp 1 Assimp 2024-11-21 N/A 7.8 HIGH
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.
CVE-2022-45748 1 Assimp 1 Assimp 2024-11-21 N/A 8.8 HIGH
An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.
CVE-2022-38528 1 Assimp 1 Assimp 2024-11-21 N/A 6.5 MEDIUM
Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes.
CVE-2021-45948 1 Assimp 1 Assimp 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).