CVE-2022-38528

Name
CVE-2022-38528
Description
Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/assimp/assimp/issues/4662

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:assimp:assimp:5.2.5:*:*:*:*:*:*:* assimp == None == 5.2.5

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
assimp 3.17-community 5.2.5-r0 Russ Webber <russ@rw.id.au> possibly vulnerable
assimp 3.18-community 5.2.5-r1 Russ Webber <russ@rw.id.au> possibly vulnerable