Vulnerabilities > Assimp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-24 | CVE-2024-48423 | Use After Free vulnerability in Assimp 5.4.3 An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library. | 7.8 |
| 2024-07-19 | CVE-2024-40724 | Out-of-bounds Write vulnerability in Assimp Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product. | 7.8 |
| 2023-01-20 | CVE-2022-45748 | Use After Free vulnerability in Assimp 5.1.4 An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp. | 8.8 |
| 2022-09-06 | CVE-2022-38528 | Out-of-bounds Read vulnerability in Assimp 5.2.5 Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes. | 6.5 |
| 2022-01-01 | CVE-2021-45948 | Out-of-bounds Write vulnerability in Assimp 5.1.0/5.1.1 Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper). | 5.5 |