Home

CVE-2025-2751

Description

A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation of the argument na leads to out-of-bounds read. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Risk Information

Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.485

Associated Vulnerability

VulnerabilityOS Platform
python-jinja2 Security Update (ALAS-2025-2792) python-jinja2-2.7.2-3.amzn2.0.4.noarch.rpmLinux
python3-jinja2 Security Update (ALAS-2025-2793) python3-jinja2-2.7.2-4.amzn2.0.7.noarch.rpmLinux
ansible-core Security Update (ALAS-2025-893) ansible-core-2.15.3-1.amzn2023.0.10.x86_64.rpmLinux
ansible-core Security Update (ALAS-2025-893) ansible-test-2.15.3-1.amzn2023.0.10.x86_64.rpmLinux
python-jinja2 Security Update (ALAS-2025-894) python3-jinja2-2.11.3-1.amzn2023.0.6.noarch.rpmLinux
qt5-qt3d Security Update (ALAS-2025-2903) qt5-qt3d-examples-5.15.3-1.amzn2.0.6.x86_64.rpmLinux
qt5-qt3d Security Update (ALAS-2025-2903) qt5-qt3d-devel-5.15.3-1.amzn2.0.6.x86_64.rpmLinux
qt5-qt3d Security Update (ALAS-2025-2903) qt5-qt3d-5.15.3-1.amzn2.0.6.x86_64.rpmLinux
qt5-qt3d Security Update (ALAS-2025-2903) qt5-qt3d-5.15.3-1.amzn2.0.6.i686.rpmLinux
qt5-qt3d Security Update (ALAS2-2025-2903) qt5-qt3d-5.15.3-1.amzn2.0.6.i686.rpmLinux
qt5-qt3d Security Update (ALAS2-2025-2903) qt5-qt3d-5.15.3-1.amzn2.0.6.x86_64.rpmLinux
qt5-qt3d Security Update (ALAS2-2025-2903) qt5-qt3d-devel-5.15.3-1.amzn2.0.6.x86_64.rpmLinux
qt5-qt3d Security Update (ALAS2-2025-2903) qt5-qt3d-examples-5.15.3-1.amzn2.0.6.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234