CVE-2024-53425

Name
CVE-2024-53425
Description
A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://github.com/assimp/assimp/issues/5860

Match rules

CPE URI Source package Min version Max version
n/a == n/a == n/a
cpe:2.3:a:assimp:assimp:5.4.3:*:*:*:*:*:*:* assimp == 5.4.3 == 5.4.3

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
assimp edge-community 5.4.3-r0 Russ Webber <russ@rw.id.au> possibly vulnerable
assimp 3.20-community 5.4.3-r0 Russ Webber <russ@rw.id.au> possibly vulnerable