Segmentation Violation in Open Asset Import Library by Assimp - Affected by Assimp::XFileImporter
CVE-2022-38528

6.5MEDIUM

Key Information:

Vendor: Assimp
Status: Assimp
Vendor: CVE Published:; 6 September 2022

What is CVE-2022-38528?

A segmentation violation has been identified in the Open Asset Import Library affecting the Assimp::XFileImporter component. This vulnerability can lead to unexpected termination of the application when meshes are created, potentially disrupting workflows that rely on importing various 3D model formats. Developers using versions affected by this commit should assess their implementation and apply necessary patches or updates to mitigate potential impacts.

References

https://github.com/assimp/assimp/issues/4662

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2022
Vulnerability Reserved
Aug 22, 2022

CVE-2022-38528 Data

JSON