Assimp

assimp

Vendor: Assimp • 47 CVEs

CVEs (47)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-48423 1Assimp 1Assimp Nov 21, 2024 Oct 24, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
CVE-2024-46632 1Assimp 1Assimp May 27, 2025 Sep 26, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function.
CVE-2024-45679 1Assimp 1Assimp Jun 13, 2025 Sep 18, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product.
CVE-2024-40724 1Assimp 1Assimp Mar 25, 2025 Jul 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.
CVE-2022-45748 1Assimp 1Assimp Apr 3, 2025 Jan 20, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.
CVE-2022-38528 1Assimp 1Assimp Nov 21, 2024 Sep 6, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes.
CVE-2021-45948 1Assimp 1Assimp Nov 21, 2024 Jan 1, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).

Previous 1 23