Vulnerabilities > CVE-2022-45748 - Use After Free vulnerability in Assimp 5.1.4

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

assimp

CWE-416

NVD

Published: 2023-01-20

Updated: 2024-11-21

Summary

An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.

Vulnerable Configurations

Part	Description	Count
Application	Assimp Assimp Assimp 5.1.4	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://github.com/assimp/assimp/issues/4286
https://github.com/assimp/assimp/issues/4286