Potential Crash Vulnerability in MaterialX Version 1.39.2
CVE-2025-53010
2LOW
What is CVE-2025-53010?
In MaterialX version 1.39.2, a critical issue arises from the parsing of shader nodes in MTLX files, where the MaterialXCore accesses a potentially null pointer. This vulnerability could lead to program crashes when maliciously crafted MTLX files are processed, allowing attackers to destabilize applications relying on OpenEXR. The issue has been addressed in version 1.39.3, which includes patches to enhance the stability of the product against such attacks.
Affected Version(s)
MaterialX >= 1.39.2, < 1.39.3