CNNVD-202509-4099 Information

CNNVD ID

CNNVD-202509-4099

Related CVE

CVE-2025-11017

• CNNVD Published: 2025-09-26

Description (Chinese)

ogre是OGRECave开源的一个面向场景的3D引擎。 ogre 14.4.1及之前版本存在安全漏洞，该漏洞源于对文件/ogre/OgreMain/src/OgreLogManager.cpp中参数mDefaultLog的错误操作，可能导致空指针取消引用。

Description (English)

ogre is a 3D-oriented 3D engine for the Ogrecave Open Source. There is a security loophole in ogre 14.4.1 and earlier versions, which results from an error in the use of the parameter mDefaultLog in document/ogre/OgreMain/src/OgreLogManager.cpp, which may lead to the deletion of an empty pointer.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

OGRECave

Published

2025-09-26

Last Modified

2026-02-24

References

https://github.com/OGRECave/ogre/issues/3447 https://github.com/user-attachments/files/22335685/poc.zip https://vuldb.com/?ctiid.325960 https://vuldb.com/?id.325960 https://vuldb.com/?submit.654456 https://access.redhat.com/security/cve/cve-2025-11017