CNNVD-202510-753 Information
CNNVD ID
CNNVD-202510-753
Related CVE
- CNNVD Published: 2025-10-05
Description (Chinese)
Open Asset Import Library Assimp是Open Asset Import Library开源的一个官方开放资产导入库存储库。可将40多种3D文件格式加载到一个统一且干净的数据结构中。 Open Asset Import Library Assimp 6.0.2版本存在安全漏洞,该漏洞源于ODDLParser::getNextSeparator函数存在堆缓冲区溢出,可能导致本地攻击。
Description (English)
Open Assembly Import Library Assimp is an official open repository of assets from Open Assembly Import Library. More than 40 3D file formats can be loaded into a uniform and clean data structure. There is a security loophole in version 6.2 of Open Assembly Report Limited Assimp, which stems from the spilling out of the ODDLParser:getNetSeparator function, which could lead to local attacks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Open Asset Import Library
Published
2025-10-05
Last Modified
2026-02-24
References
https://github.com/assimp/assimp/issues/6357 https://github.com/user-attachments/files/22417682/poc.zip https://vuldb.com/?ctiid.327009 https://vuldb.com/?id.327009 https://vuldb.com/?submit.658675
Share on: