pyassimp
PyPI11 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting pyassimppage 1 of 1
- CVE-2024-46632MEDIUMCVSS 4.3EG 4.32024-09-26
vulnerable: 0.1 ... 5.2.5 (7 versions)
Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function.
- CVE-2024-48423HIGHCVSS 7.8EG 7.82024-10-24
vulnerable: 0.1 ... 5.2.5 (7 versions)
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
- CVE-2024-48424MEDIUMCVSS 5.5EG 5.52024-10-24
vulnerable: 0.1 ... 5.2.5 (7 versions)
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
- CVE-2024-48425MEDIUMCVSS 5.5EG 5.52024-10-24
vulnerable: 0.1 ... 5.2.5 (7 versions)
A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address …
- CVE-2024-48426MEDIUMCVSS 6.2EG 6.22024-10-24
vulnerable: 0.1 ... 5.2.5 (7 versions)
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).
- CVE-2024-53425MEDIUMCVSS 6.2EG 6.22024-11-21
vulnerable: 0.1 ... 5.2.5 (7 versions)
A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application cras…
- CVE-2025-11274LOWCVSS 3.3EG 3.32025-10-05
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. This manipulation causes allocation of resources. The attack…
- CVE-2025-11275MEDIUMCVSS 5.3EG 5.32025-10-05
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability was identified in Open Asset Import Library Assimp 6.0.2. Affected by this vulnerability is the function ODDLParser::getNextSeparator in the library assimp/contrib/openddlparser/include/openddlparser/OpenDDLParserUtils.h. S…
- CVE-2025-11277MEDIUMCVSS 5.3EG 5.32025-10-05
vulnerable: 0.1 ... 5.2.5 (7 versions)
A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer over…
- CVE-2025-3196MEDIUMCVSS 5.3EG 5.32025-04-04
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed …
- CVE-2025-3549MEDIUMCVSS 5.3EG 5.32025-04-14
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component…
Check whether pyassimp is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for pyassimp CVEs against the assets you own.
Start Free Scan →