CVE-2025-11277 | Open Asset Import Library Assimp 6.0.2 Q3DLoader.cpp InternReadFile heap-based overflow (Issue 6358)

Inserito da Angelo Barbosa | Ott 4, 2025 | CVE

A vulnerability described as critical has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing manipulation can lead to heap-based buffer overflow.

This vulnerability is registered as CVE-2025-11277. The attack needs to be launched locally. Furthermore, an exploit is available.

CVE-2025-11277 | Open Asset Import Library Assimp 6.0.2 Q3DLoader.cpp InternReadFile heap-based overflow (Issue 6358)

Post correlati

CVE-2025-38223 | Linux Kernel up to 6.12.34/6.15.3 privilege escalation

CVE-2023-48268 | Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0 Zip resource consumption

CVE-2024-21631 | Vapor up to 4.89.x vapor_urlparser_parse unmaintained third party components (GHSA-r6r4-5pr8-gjcp)

CVE-2024-47902 | Siemens InterMesh 7177 Hybrid 2.0 Subscriber prior 8.2.12 Web Server missing authentication (ssa-333468)