pyassimp
PyPI20 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting pyassimppage 1 of 1
- CVE-2024-46632MEDIUMCVSS 4.3EG 4.32024-09-26
vulnerable: 0.1 ... 5.2.5 (7 versions)
Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function.
- CVE-2024-48423HIGHCVSS 7.8EG 7.82024-10-24
vulnerable: 0.1 ... 5.2.5 (7 versions)
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
- CVE-2024-48424MEDIUMCVSS 5.5EG 5.52024-10-24
vulnerable: 0.1 ... 5.2.5 (7 versions)
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
- CVE-2024-48425MEDIUMCVSS 5.5EG 5.52024-10-24
vulnerable: 0.1 ... 5.2.5 (7 versions)
A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address …
- CVE-2024-48426MEDIUMCVSS 6.2EG 6.22024-10-24
vulnerable: 0.1 ... 5.2.5 (7 versions)
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).
- CVE-2024-53425MEDIUMCVSS 6.2EG 6.22024-11-21
vulnerable: 0.1 ... 5.2.5 (7 versions)
A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application cras…
- CVE-2025-11274LOWCVSS 3.3EG 3.32025-10-05
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. This manipulation causes allocation of resources. The attack…
- CVE-2025-11275MEDIUMCVSS 5.3EG 5.32025-10-05
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability was identified in Open Asset Import Library Assimp 6.0.2. Affected by this vulnerability is the function ODDLParser::getNextSeparator in the library assimp/contrib/openddlparser/include/openddlparser/OpenDDLParserUtils.h. S…
- CVE-2025-11277MEDIUMCVSS 5.3EG 5.32025-10-05
vulnerable: 0.1 ... 5.2.5 (7 versions)
A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer over…
- CVE-2025-2151MEDIUMCVSS 6.3EG 6.32025-03-10
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to …
- CVE-2025-2152MEDIUMCVSS 6.3EG 6.32025-03-10
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. Th…
- CVE-2025-2591MEDIUMCVSS 4.3EG 4.32025-03-21
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the …
- CVE-2025-2754MEDIUMCVSS 6.3EG 6.32025-03-25
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as critical. Affected by this vulnerability is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of t…
- CVE-2025-2756MEDIUMCVSS 6.3EG 6.32025-03-25
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Hand…
- CVE-2025-2757MEDIUMCVSS 6.3EG 6.32025-03-25
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function AI_MD5_PARSE_STRING_IN_QUOTATION of the file code/AssetLib/MD5/MD5Parser.cpp of the component MD5 File Hand…
- CVE-2025-3158MEDIUMCVSS 5.3EG 5.32025-04-03
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.…
- CVE-2025-3196MEDIUMCVSS 5.3EG 5.32025-04-04
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed …
- CVE-2025-3549MEDIUMCVSS 5.3EG 5.32025-04-14
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component…
- CVE-2025-5165LOWCVSS 3.3EG 3.32025-05-26
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of t…
- CVE-2025-5167LOWCVSS 3.3EG 3.32025-05-26
vulnerable: 0.1 ... 5.2.5 (7 versions)
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function LWOImporter::GetS0 in the library assimp/code/AssetLib/LWO/LWOLoader.h. The manipulati…
Check whether pyassimp is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for pyassimp CVEs against the assets you own.
Start Free Scan →