CVE-2025-6120

Medium CVSS: 4.8

A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function read_meshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Vendor

Assimp

Product

Assimp

CWE

CWE-119

Yayın Tarihi

2025-06-16 12:15:19

Güncelleme

2025-06-17 19:37:41

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Assimp MEDIUM Assimp 2025

Referanslar

https://github.com/assimp/assimp/issues/6220 https://github.com/assimp/assimp/issues/6220#issuecomment-2945018579 https://github.com/user-attachments/files/20605340/read_meshes_reproduce.tar.gz https://vuldb.com/?ctiid.312589 https://vuldb.com/?id.312589 https://vuldb.com/?submit.591235

Benzer Kayıtlar

Medium

CVE-2025-15538

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerabili…

Medium

CVE-2025-11277

A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternR…

Medium

CVE-2025-11274

A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternRe…

Medium

CVE-2025-11275

A vulnerability was identified in Open Asset Import Library Assimp 6.0.2. Affected by this vulnerability is the function…

Medium

CVE-2025-6119

A vulnerability classified as critical has been found in Open Asset Import Library Assimp up to 5.4.3. Affected is the f…

Medium

CVE-2025-5204

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the fun…