216.73.216.75

CVE-2025-2592

· Published 21/03/2025 14:15 · Modified 21/03/2025 14:15

Labels: CVE-2025-2592 2025-03-21CVE-2025-2592CWE-119[email protected]

Essential information

Published
21/03/2025 14:15
Modified
21/03/2025 14:15
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 2690e354da0c681db000cfd892a55226788f2743. It is recommended to apply a patch to fix this issue.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
assimp / open asset import library cpe:2.3:a:assimp:open_asset_import_library:5.4.3:*:*:*:*:*:*:*

References