Buffer Overflow Vulnerability in Assimp Version 5.4.3
CVE-2024-46632

4.3MEDIUM

Key Information:

Vendor: Assimp
Status: Assimp
Vendor: CVE Published:; 26 September 2024

What is CVE-2024-46632?

Assimp v5.4.3 contains a vulnerability that allows for a buffer overflow via the MD5Importer::LoadMD5MeshFile function. This flaw could potentially be exploited to disrupt normal operations, enabling unauthorized access or a crash of the application. Users of Assimp should take immediate steps to assess their risk and apply necessary updates or mitigations.

References

https://github.com/assimp/assimp/issues/5771

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 26, 2024
Vulnerability Reserved
Sep 11, 2024

CVE-2024-46632 Data

JSON