Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-07-19
Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).
CVSS Score
5.5
EPSS Score
0.002
Published
2022-01-01
Page 2